[BUGFIX] Ignore non-integer values for type in redirects 93/34193/5
authorBjörn Fromme <mail@bjo3rn.com>
Thu, 4 Dec 2014 13:48:16 +0000 (14:48 +0100)
committerMarkus Klein <klein.t3@reelworx.at>
Thu, 4 Dec 2014 20:48:13 +0000 (21:48 +0100)
For redirects the parameter for page type is not validated as integer
resulting in invalid redirect urls. This patch checks for a valid integer
value and ignores it silently otherwise.

Resolves: #62527
Releases: master, 6.2
Change-Id: I9fd4564a3e4e13e4d64e27e090221e71edf06ae9
Reviewed-on: http://review.typo3.org/34193
Reviewed-by: Markus Klein <klein.t3@reelworx.at>
Tested-by: Markus Klein <klein.t3@reelworx.at>
typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php

index 5009c5a..34b79ab 100644 (file)
@@ -16,6 +16,7 @@ namespace TYPO3\CMS\Frontend\Controller;
 
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Core\Utility\HttpUtility;
+use TYPO3\CMS\Core\Utility\MathUtility;
 
 /**
  * Class for the built TypoScript based frontend. Instantiated in
@@ -3158,7 +3159,7 @@ class TypoScriptFrontendController {
                        $cObj = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\ContentObject\\ContentObjectRenderer');
                        $parameter = $this->page['uid'];
                        $type = GeneralUtility::_GET('type');
-                       if ($type) {
+                       if ($type && MathUtility::canBeInterpretedAsInteger($type)) {
                                $parameter .= ',' . $type;
                        }
                        $redirectUrl = $cObj->typoLink_URL(array('parameter' => $parameter));