[TYPO3-core] RFC #9412: config.absRefPrefix can force wrong URL when linking across domains
Dmitry Dulepov [typo3]
dmitry at typo3.org
Tue Sep 23 11:44:46 CEST 2008
Hi!
Georg Ringer wrote:
> bots can sometimes have troubles with baseUrl and this will get to paths
> like
> fileadmin/img.jpg
> => fileadmin/fileadmin/img.jpg
> =>=>fileadmin/fileadmin/fileadmin/img.jpg
>
> you get the idea..
>
> georg
> PS: http://typo3bloke.net/post-details/check_your_404_traffic/
Exactly. Also RealURL now fully supports absRefPrefix. If these two bugs with absRefPrefix are fixed, I will drop statement about baseURL completely from the RealURL manual and recommend absRefPrefix instead. It also prevents ~trivial~ stealing of content (like getting someone's content using subrequest and claiming false ownership) because all links will be absolute to the real site. This is not a great protectection of course but at least something.
--
Dmitry Dulepov
TYPO3 Core team
My TYPO3 book: http://www.packtpub.com/typo3-extension-development/book
In the blog: http://typo3bloke.net/post-details/tag_your_typo3_extension_releases_in_svn/
More information about the TYPO3-team-core
mailing list