[TYPO3-core] RFC: #15280: felogin redirect doesn't work anymore after update to latest releases (4.2x - 4.4.x)
Oliver Hader
oliver at typo3.org
Thu Aug 5 14:24:31 CEST 2010
Hi Helmut,
Am 05.08.10 00:07, schrieb Helmut Hummel:
> Hi,
>
> On 04.08.10 10:16, Ernesto Baschny [cron IT] wrote:
>> Helmut Hummel schrieb am 04.08.2010 09:31:
>>>
>>> So I will provide a new patch along with unit tests somewhen this evening.
>>
>> Looking forward to it, thanks a lot for the work on that, Helmut!
>
> OK.
>
> Find attached a new version of the patch along with some unit test,
> which (I hope) cover all to be expected cases.
>
> Two things:
>
> 1. I added a check, if the following chars "<>\ are in an URL it is
> considered invalid. I someone expects problems with that, I'm also fine
> removing this again, since the url is escaped before put in the HTML,
> this is just a defense in depth aproach.
>
> 2. Two tests which consider that URLs with special chars shoud work fail
> currently, because of filter_validate does not consider this a valid
> URL. I'm totally fine not allowing such chars in a URL, but since Olly
> made some efforts to support them for the backend, I'm not sure.
>
> Besides that, it works now as I would expect it.
>
> Feedback appreciated.
I modified the patch a bit:
* the method should return the URL that was used initially if everything
is okay - before it was decoded and returned
* thus, decoding the URL is only used for the check inside the method
* the test with strange characters (äüöß) did not work on my system
-> the validate URL filter did no accept these umlauts and thus the
URL was not valid - maybe it was just an charset problem here...
* the test was renamed to "tx_feloginTest" (not "t3lib_...")
Besides that: +1 by reading and testing
olly
--
Oliver Hader
TYPO3 v4 Core Team Leader
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0015280_v8.patch
Type: text/x-patch
Size: 15665 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20100805/94b29799/attachment-0001.bin>
More information about the TYPO3-team-core
mailing list