[BUGFIX] Avoid double-encoding of URL parameters 83/38783/4
authorAndreas Fernandez <a.fernandez@scripting-base.de>
Sat, 18 Apr 2015 11:59:40 +0000 (13:59 +0200)
committerAndreas Fernandez <andreas.fernandez@aspedia.de>
Sat, 18 Apr 2015 13:08:16 +0000 (15:08 +0200)
Fix some double rawurlencode() on parameters in EditDocumentController.

In almost all cases the getModuleUrl() method is now used, which already
takes care of proper URL encoding.

This also prevents errors where the CSRF protection failed due to wrong
URL encoding.

Resolves: #66433
Releases: master
Change-Id: Ib962020dd074f38808634ae2ac7bfd1da2c3364b
Reviewed-on: http://review.typo3.org/38783
Reviewed-by: Markus Klein <klein.t3@reelworx.at>
Tested-by: Markus Klein <klein.t3@reelworx.at>
Reviewed-by: Andreas Fernandez <andreas.fernandez@aspedia.de>
Tested-by: Andreas Fernandez <andreas.fernandez@aspedia.de>
typo3/sysext/backend/Classes/Controller/EditDocumentController.php

index 5410695..93c3476 100644 (file)
@@ -1136,7 +1136,7 @@ class EditDocumentController {
                        if ($this->firstEl['cmd'] != 'new' && MathUtility::canBeInterpretedAsInteger($this->firstEl['uid'])) {
                                // Delete:
                                if ($this->firstEl['deleteAccess'] && !$GLOBALS['TCA'][$this->firstEl['table']]['ctrl']['readOnly'] && !$this->getNewIconMode($this->firstEl['table'], 'disableDelete')) {
-                                       $aOnClick = 'return deleteRecord(\'' . $this->firstEl['table'] . '\',\'' . $this->firstEl['uid'] . '\', unescape(\'' . rawurlencode($this->retUrl) . '\'));';
+                                       $aOnClick = 'return deleteRecord(\'' . $this->firstEl['table'] . '\',\'' . $this->firstEl['uid'] . '\', ' . GeneralUtility::quoteJSvalue($this->retUrl) . ');';
                                        $buttons['delete'] = '<a href="#" onclick="' . htmlspecialchars($aOnClick) . '" title="' . $GLOBALS['LANG']->getLL('deleteItem', TRUE) . '">' . IconUtility::getSpriteIcon('actions-edit-delete') . '</a>';
                                }
                                // Undo:
@@ -1356,15 +1356,15 @@ class EditDocumentController {
                                                        // Create url for creating a localized record
                                                        if ($newTranslation) {
                                                                $redirectUrl = BackendUtility::getModuleUrl('record_edit', array(
-                                                                       'justLocalized' => rawurlencode(($table . ':' . $rowsByLang[0]['uid'] . ':' . $lang['uid'])),
-                                                                       'returnUrl' => rawurlencode($this->retUrl) . BackendUtility::getUrlToken('editRecord')
-                                                               ));
+                                                                       'justLocalized' => $table . ':' . $rowsByLang[0]['uid'] . ':' . $lang['uid'],
+                                                                       'returnUrl' => $this->retUrl
+                                                               )) . BackendUtility::getUrlToken('editRecord');
                                                                $href = $this->doc->issueCommand('&cmd[' . $table . '][' . $rowsByLang[0]['uid'] . '][localize]=' . $lang['uid'], $redirectUrl);
                                                        } else {
                                                                $href = BackendUtility::getModuleUrl('record_edit', array(
                                                                        'edit[' . $table . '][' . $rowsByLang[$lang['uid']]['uid'] . ']' => 'edit',
-                                                                       'returnUrl' => rawurlencode($this->retUrl) . BackendUtility::getUrlToken('editRecord')
-                                                               ));
+                                                                       'returnUrl' => $this->retUrl
+                                                               )) . BackendUtility::getUrlToken('editRecord');
                                                        }
                                                        $langSelItems[$lang['uid']] = '
                                                                <option value="' . htmlspecialchars($href) . '"' . ($currentLanguage == $lang['uid'] ? ' selected="selected"' : '') . '>' . htmlspecialchars(($lang['title'] . $newTranslation)) . '</option>';
@@ -1397,7 +1397,7 @@ class EditDocumentController {
                                // Create parameters and finally run the classic page module for creating a new page translation
                                $location = BackendUtility::getModuleUrl('record_edit', array(
                                        'edit[' . $table . '][' . $localizedRecord['uid'] . ']' => 'edit',
-                                       'returnUrl' => rawurlencode(GeneralUtility::sanitizeLocalUrl(GeneralUtility::_GP('returnUrl')))
+                                       'returnUrl' => GeneralUtility::sanitizeLocalUrl(GeneralUtility::_GP('returnUrl'))
                                ));
                                HttpUtility::redirect($location . BackendUtility::getUrlToken('editRecord'));
                        }
@@ -1608,8 +1608,7 @@ class EditDocumentController {
                }
                // If code is NOT set OR set to 1, then make a header location redirect to $this->retUrl
                if (!$code || $code == 1) {
-                       // @todo: find out why we need rawurldecode here!
-                       HttpUtility::redirect(rawurldecode($this->retUrl));
+                       HttpUtility::redirect($this->retUrl);
                } else {
                        $this->setDocument('', $this->retUrl);
                }