[TASK] Make PSR-15 middlewares use normalizedParams 31/55731/3
authorBenni Mack <benni@typo3.org>
Thu, 15 Feb 2018 10:35:15 +0000 (11:35 +0100)
committerSusanne Moog <susanne.moog@typo3.org>
Thu, 15 Feb 2018 16:37:18 +0000 (17:37 +0100)
This patch uses the newly introduced normalizedParams, marking
the first step away from GeneralUtility::getIndpEnv(), relying on a
given configuration instead of a superglobal option.

Resolves: #83915
Releases: master
Change-Id: I4b843a1b99c0ea4f30490ff80c4383653177c13b
Reviewed-on: https://review.typo3.org/55731
Reviewed-by: Mathias Brodala <mbrodala@pagemachine.de>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Tested-by: Benjamin Franzke <bfr@qbus.de>
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Susanne Moog <susanne.moog@typo3.org>
Tested-by: Susanne Moog <susanne.moog@typo3.org>
typo3/sysext/backend/Classes/Middleware/ForcedHttpsBackendRedirector.php
typo3/sysext/backend/Classes/Middleware/LockedBackendGuard.php
typo3/sysext/backend/Configuration/RequestMiddlewares.php

index 2dd78f5..6ca26bf 100644 (file)
@@ -20,32 +20,32 @@ use Psr\Http\Message\ServerRequestInterface;
 use Psr\Http\Server\MiddlewareInterface;
 use Psr\Http\Server\RequestHandlerInterface;
 use TYPO3\CMS\Core\Http\RedirectResponse;
-use TYPO3\CMS\Core\Utility\GeneralUtility;
 
 /**
  * Check lockSSL configuration variable and redirect
  * to https version of the backend if needed
  *
+ * Depends on the NormalizedParams middleware to identify the
+ * Site URL and if the page is not running via HTTPS yet.
+ *
  * @internal
  */
 class ForcedHttpsBackendRedirector implements MiddlewareInterface
 {
     /**
-     * @todo Remove getIndpEnv() usage once $request contains all the site parameters (URL etc.)
-     *
      * @param ServerRequestInterface $request
      * @param RequestHandlerInterface $handler
      * @return ResponseInterface
      */
     public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
     {
-        if ((bool)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] && !GeneralUtility::getIndpEnv('TYPO3_SSL')) {
+        if ((bool)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] && !$request->getAttribute('normalizedParams')->isHttps()) {
             if ((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSLPort']) {
                 $sslPortSuffix = ':' . (int)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSLPort'];
             } else {
                 $sslPortSuffix = '';
             }
-            list(, $url) = explode('://', GeneralUtility::getIndpEnv('TYPO3_SITE_URL') . TYPO3_mainDir, 2);
+            list(, $url) = explode('://', $request->getAttribute('normalizedParams')->getSiteUrl() . TYPO3_mainDir, 2);
             list($server, $address) = explode('/', $url, 2);
             return new RedirectResponse('https://' . $server . $sslPortSuffix . '/' . $address);
         }
index aa49337..8c0cb82 100644 (file)
@@ -25,6 +25,9 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
 /**
  * Checks various security options for accessing the TYPO3 backend before proceeding
  *
+ * Depends on the NormalizedParams middleware to identify the
+ * Site URL and if the page is not running via HTTPS yet.
+ *
  * @internal
  */
 class LockedBackendGuard implements MiddlewareInterface
@@ -43,7 +46,7 @@ class LockedBackendGuard implements MiddlewareInterface
             return new RedirectResponse($redirectToUri, 302);
         }
         $this->validateVisitorsIpAgainstIpMaskList(
-            $request->getServerParams()['REMOTE_ADDR'],
+            $request->getAttribute('normalizedParams')->getRemoteAddress(),
             trim((string)$GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])
         );
 
index 62b3e6a..9cceac9 100644 (file)
@@ -29,7 +29,8 @@ return [
         'typo3/cms-backend/https-redirector' => [
             'target' => \TYPO3\CMS\Backend\Middleware\ForcedHttpsBackendRedirector::class,
             'after' => [
-                'typo3/cms-backend/locked-backend'
+                'typo3/cms-core/normalized-params-attribute',
+                'typo3/cms-backend/locked-backend',
             ]
         ],
         'typo3/cms-backend/backend-routing' => [