[TYPO3-core] RFC: #17500: Improve error handling in ExtDirect router
Helmut Hummel
helmut.hummel at typo3.org
Sun Feb 6 18:41:41 CET 2011
Hi,
this is a SVN patch request.
Type: Bugfix
Bugtracker references:
http://bugs.typo3.org/view.php?id=17500
Branches: 4_5, trunk
Problem:
Even if something goes wrong in a ExtDirect request, the request gets
processed, which lead to unexpected results.
Solution:
Do not process the request, but just return the error message instead.
Note:
The current behavior is especially annoying after the addition of the
CSRF protection, because in case of an invalid request, a security token
error message is sent, which is wrong.
For better readability of what changed, I added a patch without
whitespace changes
Kind regards,
Helmut
--
Helmut Hummel
TYPO3 Security Team Leader
TYPO3 .... inspiring people to share!
Get involved: typo3.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 17500.diff
Type: text/x-patch
Size: 2924 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20110206/528f3fea/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 17500_no_whitespace_changes.diff
Type: text/x-patch
Size: 1036 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20110206/528f3fea/attachment-0001.bin>
More information about the TYPO3-team-core
mailing list