[TYPO3-dev] jumpurl generally insecure?
Andreas Kiessling
kiessling at pluspol.info
Mon Jul 30 13:56:36 CEST 2012
Hi,
>
> Philipp Gampe wrote:
>> config.jumpurl_enable = 0
>
> You provide a direct solution, thus there is no reason for Marc to learn :(
>
Searching for 'jumpurl_enable' in the source of 4.5 only shows results
in tslib_content. So this setting only affects links that are generated
through some typolink function, but not when tslib_fe is handling the param.
What should work, is unsetting $_GET['jumpurl'] in your localconf.php
Regards,
Andreas
More information about the TYPO3-dev
mailing list