[TYPO3-core] JumpUrl restructuring
helmut.hummel at typo3.org
Thu Oct 3 11:49:39 CEST 2013
First of all, I'm really thankful that you put work in this area and
fixing bugs. It is really not my intention to state that this work is
On 27.09.13 13:18, Alexander Stehlik wrote:
> > I would rather (carefully) fix the issues in existing code or create
> > a concept for a new way to solve the features jumpurl (what a bad
> > name anyway) tries to solve.
> What does the rest of you think of this feature? What are the
> alternatives? Removing the feature? Rewriting it from scratch?
There are many things I absolutely do not like about this feature.
* It is badly named
* It combines 2 purposes ("secure" file download and link tracking)
* The concept is bad and so is the implementation
* History showed that this area is susceptible to security flaws and
bugs and every change in that area introduced new bugs
All in all, it is a technical debt.
> I can not see how a feature without proper tests should be better than a
> better readable and well tested one (precisely because it had security
> issues in the past).
Yes, refactoring and testing makes sense.
The more tough question is how to do it.
I would like to see that some thoughts are spent on how we want to deal
with this feature in general and have a plan how we want to have it/
change it in the future.
If we have a concept or plan, I might be convinced that as a first step
it is OK to just extract all functionality in one class to make it
better testable and easier to change to a state we want to have it.
I'm happy to support you in creating such a concept if you like to take
over such a task.
> Another approach I was thinking about was implementing this feature in
> FAL. A SecureLocalDriver could return the path to an eID script in the
> getPublicUrl() method. The script could then check if the user has
> access rights to the file and put out the file contents.
Yes that is definitely the way to go for secure file links and I'm
currently working on that area to make it happen. That would render the
"secure download" functionality of jumpurl useless and we should think
about deprecating it rather now than later.
Then only the link tracking feature of jumpurl remains to be useful and
we should think about how to extract this feature of the complete
functionality or something like that.
This is my view on that topic and it is fine if you or anybody else has
a different one. I'm happy to be challenged on that opinion and being
convinced by better arguments ;)
Release Manager TYPO3 6.0
TYPO3 Core Developer, TYPO3 Security Team Member