[TYPO3-core] RFC #15621: Feature: TYPO3 misses page-option to force SSL oder Non-SSL to page

Martin Kutschker masi-no at spam-typo3.org
Wed Sep 1 19:02:48 CEST 2010


Am 01.09.2010 17:59, schrieb Steffen Ritter:
> Hey list,
> This is an SVN patch request.
> 
> Type: Feature
> 
> Bugtracker references:
> http://bugs.typo3.org/view.php?id=15621
> 
> Branches:
> trunk
> 
> Problem:
> TYPO3 misses the possibility to "enforce" one page to be ssl or to be no ssl.
> In rfc 11950 we introduced the possibility into typolink to set an scheme (http / https) to the
> rendered link url.
> 
> Solution:
> Since the typolink function generally is enabled to that since 0011950, we easily can integrate such
> functionality to core.

Short note: Please don't use mixed case DB-fields. AFAIK DBAL/ADOdb or whoever has to do some extra
work to make this compatible with other DBs.

Longer note: IMHO the solution works from the wrong direction. Forcing SSL should mean that I want
to protect a page or a branch. So it is the page that should get a new property
"encrypted"/"protected". And it is necessary a) for the link generation to honour that setting and
b) the task of the access control to deny access if the protocol isn't the required one.

I won't discourage you by giving a -1 but I really think that the approach to use SSL in TYPO3
should be different.

Cheers,
Masi


More information about the TYPO3-team-core mailing list