[TASK] Be more expressive in error condition 18/26718/2
authorHelmut Hummel <helmut.hummel@typo3.org>
Thu, 9 Jan 2014 11:16:46 +0000 (12:16 +0100)
committerHelmut Hummel <helmut.hummel@typo3.org>
Wed, 29 Jan 2014 10:30:07 +0000 (11:30 +0100)
If lockSSL is set to 1 and the backend is not
accessed via SSL currently a 404 header is sent
with no message body. The same happens when the
client IP address does not mach the configured
list of allowed addresses.

Give a more useful hint for users in these cases
by throwing an Exception.

Resolves: #51378
Releases: 6.2
Change-Id: Ic76d8415c482e78bdea7e57e1cb5dab21a49969f
Reviewed-on: https://review.typo3.org/26718
Reviewed-by: Michiel Roos
Tested-by: Michiel Roos
Tested-by: Georg Ringer
Reviewed-by: Oliver Klee
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Marcin SÄ…gol
Reviewed-by: Felix Kopp
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
typo3/sysext/core/Classes/Core/Bootstrap.php

index 99fe760..34888d0 100644 (file)
@@ -830,16 +830,12 @@ class Bootstrap {
         *
         * @return Bootstrap
         * @internal This is not a public API method, do not use in own extensions
+        * @throws \RuntimeException
         */
        public function checkBackendIpOrDie() {
                if (trim($GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
                        if (!Utility\GeneralUtility::cmpIP(Utility\GeneralUtility::getIndpEnv('REMOTE_ADDR'), $GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
-                               // Send Not Found header - if the webserver can make use of it
-                               header('Status: 404 Not Found');
-                               // Just point us away from here...
-                               header('Location: http://');
-                               // ... and exit good!
-                               die;
+                               throw new \RuntimeException('TYPO3 Backend access denied: The IP address of your client does not match the list of allowed IP addresses.', 1389265900);
                        }
                }
                return $this;
@@ -851,6 +847,7 @@ class Bootstrap {
         *
         * @return Bootstrap
         * @internal This is not a public API method, do not use in own extensions
+        * @throws \RuntimeException
         */
        public function checkSslBackendAndRedirectIfNeeded() {
                if (intval($GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'])) {
@@ -872,14 +869,10 @@ class Bootstrap {
                                        list(, $url) = explode('://', Utility\GeneralUtility::getIndpEnv('TYPO3_SITE_URL') . TYPO3_mainDir, 2);
                                        list($server, $address) = explode('/', $url, 2);
                                        header('Location: https://' . $server . $sslPortSuffix . '/' . $address);
+                                       die;
                                } else {
-                                       // Send Not Found header - if the webserver can make use of it...
-                                       header('Status: 404 Not Found');
-                                       // Just point us away from here...
-                                       header('Location: http://');
+                                       throw new \RuntimeException('TYPO3 Backend not accessed via SSL: TYPO3 Backend is configured to only be accessible through SSL. Change the URL in your browser and try again.', 1389265726);
                                }
-                               // ... and exit good!
-                               die;
                        }
                }
                return $this;