[TYPO3-core] RFC: #17500: Improve error handling in ExtDirect router

Helmut Hummel helmut.hummel at typo3.org
Sun Feb 6 18:41:41 CET 2011


Hi,

this is a SVN patch request.

Type: Bugfix

Bugtracker references:
http://bugs.typo3.org/view.php?id=17500

Branches: 4_5, trunk

Problem:
Even if something goes wrong in a ExtDirect request, the request gets
processed, which lead to unexpected results.

Solution:
Do not process the request, but just return the error message instead.

Note:
The current behavior is especially annoying after the addition of the
CSRF protection, because in case of an invalid request, a security token
error message is sent, which is wrong.


For better readability of what changed, I added a patch without
whitespace changes

Kind regards,
Helmut

-- 
Helmut Hummel
TYPO3 Security Team Leader

TYPO3 .... inspiring people to share!
Get involved: typo3.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 17500.diff
Type: text/x-patch
Size: 2924 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20110206/528f3fea/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 17500_no_whitespace_changes.diff
Type: text/x-patch
Size: 1036 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20110206/528f3fea/attachment-0001.bin>


More information about the TYPO3-team-core mailing list