[TYPO3-core] RFC Bug #10451: Evaluation PATH_INFO in tslib_fe::checkAlternativeIdMethods() sets false positives
Steffen Kamper
info at sk-typo3.de
Mon Feb 16 19:31:44 CET 2009
Hi olly,
Oliver Hader schrieb:
> This is an SVN patch request.
>
> Type: Bugfix
>
> Bugtracker references:
> http://bugs.typo3.org/view.php?id=10451
>
> Branch: TYPO3_4-2
>
> Problem:
> The method tslib_fe::checkAlternativeIdMethods() in TSFE tries to fetch
> the server environment PATH_INFO and if there's something it expects an
> URL like "/index.php/<page-id>/<type-number>/" and sets the current id
> and type accordant.
>
> However, if config.simulateStaticDocuments is not set to "PATH_INFO"
> this is a false positive.
>
> Solution:
> Check whether config.simulateStaticDocuments is set to "PATH_INFO" and
> only then try to evaluate the id and type by the PATH_INFO information.
>
>
> olly
>
it's even worse: you can enter anything you want like
this_is_not_the_title_i_expected.37.0.html
and it will display page 37.
This is very bad, let's say an editor renames a page - it will never be
in google index, as the old url is still available.
I made an extension which verifies page title so URL "has" to be unique.
vg Steffen
More information about the TYPO3-team-core
mailing list