Benni Mack [Thu, 6 Jun 2019 05:10:37 +0000 (07:10 +0200)]
[!!!][TASK] Drop DB field sys_language.static_lang_isocode
The database field "static_lang_isocode" in the DB table
"sys_language" is configured via static_info_tables, however
due to legacy reasons, this was added in TYPO3 Core,
as some references were put there. It is now possible
to remove any references to this field, and have the third-party
extension deal with it.
Resolves: #88583
Releases: master
Change-Id: I5c366c84d21e0d291ec32d44c0b2c2e1064f669d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60887
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Björn Jacob <bjoern.jacob@tritum.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Thu, 13 Jun 2019 13:31:32 +0000 (15:31 +0200)]
[TASK] Deprecate TSFE->sys_language_isocode
Due to the introduction of Site Handling, the public property
`$TSFE->sys_language_isocode` is not necessary anymore,
as this value is used outside of TSFE fully, and not needed as
public property to hold the state.
It is marked as deprecated.
Resolves: #88559
Releases: master
Change-Id: If02eb5b342fec4f83a9585dbc29fc13c8adda88e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61002
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Tue, 25 Jun 2019 04:19:15 +0000 (06:19 +0200)]
[!!!][TASK] Handle SoftRefParser without references
The softRefParser logic previously contained its own
factory within BackendUtility with a magic singleton
logic built into "$GLOBALS['T3_VAR']['softRefParser']".
This has changed by building custom Singleton
Interfaces instead.
Resolves: #88638
Releases: master
Change-Id: I43f30c18b27f75672fbc2b5cc2cbdb725eb6f44a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61124
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Riccardo De Contardi [Thu, 27 Jun 2019 14:32:55 +0000 (14:32 +0000)]
[TASK] fix list formatting
Add some empty lines to allow correct list formatting, like on
https://github.com/TYPO3-Documentation/TYPO3CMS-Reference-CoreApi/edit/mas
ter/Documentation/ApiOverview/TypoScriptSyntax/Syntax/Includes.rst
Releases: master, 9.5
Resolves: #88641
Change-Id: Ice387d8b97d8b74ea859c92d274bcb535005fdae
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61160
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Björn Jacob <bjoern.jacob@tritum.de>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Björn Jacob <bjoern.jacob@tritum.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Richard Haeser [Thu, 27 Jun 2019 19:29:31 +0000 (21:29 +0200)]
[TASK] Removed leftovers of AltPageTitleProvider
Removed the mention of altPageTitleProvider that were left on some
places after removing this deprecated provider.
Resolves: #88644
Releases: master
Change-Id: I0626373204706e7b57224ecd74b739d3b36d745b
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61161
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Kevin Appelt <kevin.appelt@icloud.com>
Tested-by: Richard Haeser <richard@maxserv.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Simon Gilli <typo3@gilbertsoft.org>
Reviewed-by: Kevin Appelt <kevin.appelt@icloud.com>
Reviewed-by: Richard Haeser <richard@maxserv.com>
Andreas Fernandez [Fri, 24 May 2019 14:43:22 +0000 (16:43 +0200)]
[TASK] Open ElementBrowser event based in FormEngine
Currently, the ElementBrowser is used in three different places in
FormEngine, all of them trigger it differently. This patch introduces
an event-driven approach and streamlines all usages.
Resolves: #88436
Releases: master
Change-Id: I13e696f29ade0aede6a2466cbca1e27cebc86c61
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60818
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Wed, 19 Jun 2019 09:53:46 +0000 (11:53 +0200)]
[TASK] Remove special singleton handling of makeInstanceService
Calling GeneralUtility::makeInstanceService() stores
the instance as "persistent object". Since TYPO3 4.x this has been
dealt with SingletonInterface, which allows far more flexibility
in various places, as throughout the ENTIRE TYPO3 Core already.
The special handling of having GeneralUtility::makeInstanceService()
stores its own Singleton instances is removed, as the method
calls `GeneralUtility::makeInstance()` as well, which does handle
the SingletonInterface anyway.
For services in general (like Authentication Services), it is useful
to not have them as singleton. The current process within
"makeInstanceService()" now allows to properly "reset()" the
functionality anyway by re-calling "init()", which itself
calls "reset()" as well.
As there are no contracts (interfaces) for Services currently,
this should not interfere with anything existing services.
Resolves: #88588
Releases: master
Change-Id: Iba54715c04e510003c095578a237524ebe9f374f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61090
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: Daniel Sattler <sattler@b13.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Daniel Sattler <sattler@b13.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Andreas Fernandez [Wed, 19 Jun 2019 14:00:22 +0000 (16:00 +0200)]
[BUGFIX] Decouple ColorPicker from FormEngine
Since #87031 the color picker is tightly coupled to FormEngine, causing
issues if not used in FormEngine context, e.g. in Constant Editor.
This patch removes the introduced FormEngine handling and uses minicolors'
events to fix the original reported bug.
Resolves: #88593
Related: #87031
Releases: master, 9.5
Change-Id: Ibb20785785d406bc113035f79bec95d9788866ab
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61094
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Jonas Eberle <flightvision@googlemail.com>
Tested-by: Joerg Kummer <typo3@enobe.de>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Sven Juergens [Mon, 24 Jun 2019 13:11:17 +0000 (15:11 +0200)]
[BUGFIX] Correct global/multiple icon in listview
Resolves: #88620
Releases: master, 9.5
Correct global/multiple icon in listview
Change-Id: Id613f06d24148851d428c61c1166fabef1ad65af
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61121
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Simon Gilli <typo3@gilbertsoft.org>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Simon Gilli <typo3@gilbertsoft.org>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Benni Mack [Wed, 12 Jun 2019 11:04:35 +0000 (13:04 +0200)]
[BUGFIX] Consider translated pages in workspaces
This issue was raised that translated pages do not
show up in the list of records to be published/staged,
as translated pages are in the same table.
So, page handling needs to consider l10n_parent fields,
and check for the UID/l10n_parent, whereas other records
(like pages_language_overlay before) only are checked for
the "pid".
Resolves: #88446
Releases: master, 9.5
Change-Id: I9fe0b0290d4dd52104e15a08bb55e0aa7ab7473c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60944
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: matseriks <mats@pixelant.se>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: matseriks <mats@pixelant.se>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Benni Mack [Tue, 18 Jun 2019 09:53:20 +0000 (11:53 +0200)]
[BUGFIX] Do not rely on TYPO3_MODE for FE/BE checks
In order to run a subrequest in Frontend,
TYPO3_MODE kills most of the functionality.
Although it is clear, that TYPO3 Core is not 100% there
yet, some very obvious changes can actually be replaced
with simple TSFE checks instead of TYPO3_MODE.
This is only focused on rendering content (Fluid),
and this happens in FE after TSFE is initialized, for eID
scripts, this would break already.
Resolves: #88581
Releases: master, 9.5
Change-Id: I9c97da60e7df572290e54d53da5eb8dac69e8f7e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61084
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Daniel Siepmann [Wed, 26 Jun 2019 16:37:33 +0000 (18:37 +0200)]
[BUGFIX] Display titles of changelog properly
As `\` is escaping, there has to be an additional `\` in front, in
order to display the `\` as expected.
Resolves: #88634
Releases: master, 9.5
Change-Id: I790079dd3de6e0a3ceb6ebfb93e1a52ad9bb4249
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61154
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Reviewed-by: Mathias Brodala <mbrodala@pagemachine.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Benni Mack [Tue, 25 Jun 2019 04:45:16 +0000 (06:45 +0200)]
[BUGFIX] Use Context API for TemplateService->versionOL
The Context API can be used now within
TemplateService to fetch a version overlay, which now
only relies on the PageRepository (which also uses Context API),
to avoid certain magic detection of Frontend/Backend mode.
TemplateService is only used to fetch sys_template
records in this use-case.
Resolves: #88626
Releases: master
Change-Id: I5f6526868af090915748031d50eeaf245049e655
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61126
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Benni Mack [Mon, 3 Jun 2019 11:12:02 +0000 (13:12 +0200)]
[BUGFIX] Simplify item states in Menu Generation
The same if() loop is used for checking menu generation item states
(ACT/IFSUB etc), this can be very much simplified by using
a loop over the available item states which are now defined
as a constant.
Resolves: #88477
Releases: master
Change-Id: If8b7ddbcb2d367954d5757d2957bea6b34f8ed60
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60865
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Thu, 27 Jun 2019 11:25:48 +0000 (13:25 +0200)]
[BUGFIX] Fix ExtensionScanner mismatch
Due to #88498 a bug within the Extension
Scanner was introduced where the scanner
did not find the expected results due to
wrong information.
Resolves: #88639
Related: #88498
Releases: master
Change-Id: I47f0393fafd4860f058eeba6828b5143b6e1b8c2
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61157
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Sascha Egerer [Tue, 18 Jun 2019 14:43:18 +0000 (16:43 +0200)]
[BUGFIX] Use late static binding return type for Enumeration::cast
The return type annotation must be `static` instead of `self` as the
method returns an instance of the inheriting class.
Do also replace some occurrences of get_calling_class()
by static::class
Resolves: #88587
Releases: master, 9.5, 8.7
Change-Id: Ib14d016ef733b94ed5a732ed36af8fcfcdee149b
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61086
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Tue, 25 Jun 2019 04:16:15 +0000 (06:16 +0200)]
[BUGFIX] Remove non-existing "pseudo-site" logic
There are some leftovers where PseudoSite is mentioned.
Since TYPO3 v10.0 is built on Site Handling completely,
this logic is removed.
Resolves: #88625
Releases: master
Change-Id: I9f3b3a6c9a4bf29c2b509246c02d64aa5f536b4e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61123
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Benni Mack [Wed, 29 May 2019 20:49:25 +0000 (22:49 +0200)]
[TASK] Ensure PageArgumentValidator is not dependent on TSFE
Checking if cHash matches any GET parameters can be
done without $TSFE->cHash_array and $TSFE->hash as
all data is built inside PageArguments already.
However, $TSFE->cHash_array is still necessary and
filled as before when ->setPageArguments() is called.
This is a precursor to re-structure the dependencies within
TSFE and PSR-15 middlewares.
Resolves: #88460
Releases: master
Change-Id: I43c2fdc1049d451b3fc9bc06a57b744703a7a323
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60841
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Benni Mack [Tue, 9 Apr 2019 15:34:08 +0000 (17:34 +0200)]
[TASK] Unify Backend Route paths for modules
Modules which do not set a proper route path themselves
now have a different route path, basically "/module/file/list"
for example, whereas there is a proper prefix with
"/module/" and no trailing slash anymore.
It is still possible to build links to the route paths,
and resolve them properly.
The "old" route paths will stop working in TYPO3 v11.0.
Resolves: #82669
Releases: master
Change-Id: If976df458e87b1199933cf1c42c5d3d8ff2407ba
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60433
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Wed, 19 Jun 2019 14:04:13 +0000 (16:04 +0200)]
[TASK] Use generators for service objects in Authentication
The introduction of the Session Framework API in v8
introduced generators for fetching authentication service
objects within `AbstractUserAuthentication`.
Some places were however forgotten, which can
safely replaced with the `$this->getAuthServices()`
method.
Resolves: #88594
Releases: master
Change-Id: I987150be574232b549340f4766bb963baa17fd60
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61095
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Oliver Hader [Tue, 25 Jun 2019 06:42:25 +0000 (08:42 +0200)]
[SECURITY] Disallow insecure deserialization for l18n_diffsource
Serialized values in l18n_diffsource are vulnerable to insecure
deserialization when being invoked in FormEngine or DataHandler.
Resolves: #88323
Releases: master, 9.5, 8.7
Security-Commit:
215de3e52140dc69ccb0e5802ab4234922b1aa63
Security-Bulletin: TYPO3-CORE-SA-2019-020
Change-Id: I03704b35d94e2575e9231656977f3760e6f04e2b
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61146
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Oliver Hader [Tue, 25 Jun 2019 06:42:09 +0000 (08:42 +0200)]
[SECURITY] Deny pages' TSconfig and tsconfig_includes for non-admins
Fields `TSconfig` and `tsconfig_includes` of table `pages` can be
misused by restricted users to contain malicious instructions and
lead to cross-site scripting as well as arbitrary code execution.
Since user input cannot be sanitized properly, the field is now
available for admin users only. In addition directory traversal
in TSconfig static includes has been mitigated.
Resolves: #88565
Releases: master, 9.5, 8.7
Security-Commit:
b4ab9cd1f0539b3af675b94aa01d26e5c4b3a1d9
Security-Bulletin: TYPO3-CORE-SA-2019-019
Change-Id: I712364fde6a76ad761a0b738756cb151dc5c22e1
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61145
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Oliver Hader [Tue, 25 Jun 2019 06:41:55 +0000 (08:41 +0200)]
[!!!][SECURITY] Disallow session data transfer on frontend user logout
When frontend users logged out their session data (e.g. shopping cart)
was transfered into an anonymous session. This session could have been
reused by a different user working with the very same browser.
In order to enhance security aspects on this topic session data is
purged when an according frontend user is logging out. Since this might
be breaking for some scenarios a new feature toggle has been introduced
which allows to keep the previous behavior:
boolean 'security.frontend.keepSessionDataOnLogout'
in $GLOBALS['TYPO3_CONF_VARS']['SYS']['features']
Resolves: #88139
Releases: master, 9.5, 8.7
Security-Commit:
89c45f80388f24f08f827c474daa5ab8fda63da2
Security-Bulletin: TYPO3-CORE-SA-2019-018
Change-Id: I869f3bee7c6bf6e2ae51bcd86273b6abc15f09c5
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61144
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Oliver Hader [Tue, 25 Jun 2019 06:41:42 +0000 (08:41 +0200)]
[SECURITY] Deny access to import module for non-admin users
Due to an incomplete condition it was possible for regular
backend users to make use of the import module - which only
would be accessible to admin users or to those users have
User TSconfig `options.impexp.enableImportForNonAdminUser`
enabled.
Resolves: #88284
Releases: master, 9.5
Security-Commit:
a3ca05df1e9e9269b45daf9dd79517df9d202604
Security-Bulletin: TYPO3-CORE-SA-2019-017
Change-Id: I9ac9a026d5715f9c03eda37f0ef84178640b2f1d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61143
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Benni Mack [Tue, 25 Jun 2019 06:41:29 +0000 (08:41 +0200)]
[SECURITY] Conflict insecure versions symfony/cache component
The symfony/cache component is not directly used by the core but
is a dependency of symfony/expression-language which is used in
the core.
The affected symfony/cache packages have been marked as
"conflict" in the composer.json.
See https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized
Resolves: #88215
Releases: master, 9.5
Security-Commit:
d13c36e9e9951030a0787c63674634a52ff0aae3
Security-Bulletin: TYPO3-CORE-SA-2019-016
Change-Id: If98391ceef88561507d0095d26455a8da128f01e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61142
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Oliver Hader [Tue, 25 Jun 2019 06:41:16 +0000 (08:41 +0200)]
[SECURITY] Disallow javascript & data scheme in URL link handler
URLs defined using TYPO3's internal t3://url/?url=... notation are
now hardened against using `javascript:` and`data:` URL schemes.
Resolves: #88476
Releases: master, 9.5, 8.7
Security-Commit:
1a873c662524a62b192661da45d27e223e517d18
Security-Bulletin: TYPO3-CORE-SA-2019-015
Change-Id: Ia9ca8784a1779492762e5a36fcb1ada67bb6c56a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61141
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Andreas Fernandez [Tue, 25 Jun 2019 06:41:03 +0000 (08:41 +0200)]
[SECURITY] Check record permissions in record information popup
The ElementInformationController now checks a backend user has sufficient
permissions to see each referenced record.
Resolves: #88317
Releases: master, 9.5, 8.7
Security-Commit:
4322d6b827c09b98b35ab4ef47753e9c20f7f117
Security-Bulletin: TYPO3-CORE-SA-2019-014
Change-Id: I49d077e5628465111b4460dd3cb673182d09eaa0
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61140
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Benni Mack [Fri, 17 May 2019 11:06:49 +0000 (13:06 +0200)]
[!!!][TASK] Remove TCEMAIN.previewDomain
The functionality to set a custom TCEMAIN.previewDomain via
PageTS is not in use anymore as SiteHandling
is using the proper domain anyway already.
Conceptually this does not work anymore, as the base (domain + path prefix)
determines Language + Site / PageTree entry point. Setting
this to something else via TCEMAIN.previewDomain would not work
anyways, so this hack is removed, as we now can safely
determine the full (speaking) URL with Site Handling.
In addition, the method BackendUtility::getViewDomain()
is now deprecated.
Resolves: #88499
Releases: master
Change-Id: Id88c16e2e86ccce8a2e7be02af0e2a39802624c0
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60773
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Alexander Schnitzler [Thu, 20 Jun 2019 11:26:31 +0000 (13:26 +0200)]
[TASK] Follow-up: Change BitSet class doc block
In order to have a meaningful class doc block for the
BitSet class, the former doc block has been replaced
with an explanation of how to use the BitSet class.
The explanation is similar to the one in the rst file
which has been introduced along the class.
Releases: master
Resolves: #88611
Releates: #88596
Change-Id: Ie6c5043a38db612f050438123ab9cd12d8030e9c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61100
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Björn Jacob <bjoern.jacob@tritum.de>
Reviewed-by: Alexander Schnitzler <typo3@alexanderschnitzler.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Björn Jacob <bjoern.jacob@tritum.de>
Tested-by: Alexander Schnitzler <typo3@alexanderschnitzler.de>
Benni Mack [Fri, 21 Jun 2019 11:01:51 +0000 (13:01 +0200)]
[TASK] Remove backend user ID from workspace preview config
The configuration within `sys_preview` contained the
Backend User ID. Previously, until TYPO3 v9, this was
used to simulate a backend user with his/her permissions,
however this was changed with the introduction of Middlewares
and a custom PreviewUserAuthentication object.
This information does not need to be stored, as it hasn't
been evaluated anymore anyways.
Resolves: #88601
Releases: master
Change-Id: I2b3c4979f38a3c1343a0f5bff3c2bd762affc0e1
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61108
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Alexander Schnitzler <typo3@alexanderschnitzler.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Alexander Schnitzler <typo3@alexanderschnitzler.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Joerg Kummer [Sun, 23 Jun 2019 22:22:32 +0000 (00:22 +0200)]
[BUGFIX] Fix comment in ViewHelper action.link
Correct closing tag in PHP comment example.
Resolves: #88619
Releases: master, 9.5
Change-Id: Ic90351399eccc4435231bbd4ccbc74c33727d70c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61120
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Björn Jacob <bjoern.jacob@tritum.de>
Tested-by: Daniel Siepmann <daniel.siepmann@typo3.org>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Björn Jacob <bjoern.jacob@tritum.de>
Reviewed-by: Daniel Siepmann <daniel.siepmann@typo3.org>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Alexander Schnitzler [Wed, 19 Jun 2019 16:26:23 +0000 (18:26 +0200)]
[TASK] Move BitSet class into different namespace
The BitSet class has been put into a DataStructure
namespace although the core puts classes of these
kind into a Type namespace. Therefore, the class
has been moved.
Releases: master
Resolves: #88596
Change-Id: I18385a5c761e002f36bc33dcaeeb26ce7f6d187e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61098
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Mathias Brodala <mbrodala@pagemachine.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Alexander Schnitzler <typo3@alexanderschnitzler.de>
Daniel Siepmann [Fri, 21 Jun 2019 07:12:45 +0000 (09:12 +0200)]
[TASK] Rename "view helper" to "ViewHelper"
As this is what its called. This also should make searches easier, as
there is only one way to write it.
Relates: #88600
Releases: master, 9.5
Change-Id: Ib6fcd4402b4a34aeaf0735a40788a18a324587dd
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61103
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Tom Warwick <tom.warwick@typo3.org>
Tested-by: Björn Jacob <bjoern.jacob@tritum.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Claus Due <claus@phpmind.net>
Reviewed-by: Björn Jacob <bjoern.jacob@tritum.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Helmut Hummel [Fri, 19 Apr 2019 16:03:31 +0000 (18:03 +0200)]
[BUGFIX] Remove caches for page title and meta tag
By concept for frontend rendering the page title and meta tags
are not meant to be stored in page cache in order to allow
non cachable plugins to modify those.
Currently both page title and meta tags are stored
in separate cache entries, which violates the concept above
and unnecessarily tightly couples those code parts to the
TypoScriptFrontendController and internal logic of it.
This patch removes these caches.
In order to properly handle the uncached rendering state,
we make sure the meta tag registry is properly
serialized with all managers.
Resolves: #88179
Releases: master, 9.5
Change-Id: If5200398bf9ab9db09ab97403c976d82cb33d01d
Signed-off-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60520
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Helmut Hummel <typo3@helhum.io>
Tested-by: Richard Haeser <richard@maxserv.com>
Reviewed-by: Helmut Hummel <typo3@helhum.io>
Reviewed-by: Richard Haeser <richard@maxserv.com>
Susanne Moog [Wed, 12 Jun 2019 11:15:28 +0000 (13:15 +0200)]
[BUGFIX] Use var path from Environment in tests
Some tests still use hardcoded 'typo3temp' for creating files and folders.
Where possible, this has been changed to use varPath from Environment class
instead.
Resolves: #88551
Releases: master
Change-Id: I2d9a8edfb3fb33cc8f86f8e487603d0c72ef3ff0
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60946
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Wed, 19 Jun 2019 16:21:39 +0000 (18:21 +0200)]
[TASK] Update symfony components
In preparation for our next maintenance
release, symfony components are updated
to their latest versions.
Composer Command:
composer update symfony/* --with-all-dependencies
Resolves: #88595
Releases: master, 9.5
Change-Id: Ib380cbe7fec57488bf0ca10328486bc9c5fcbd5c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61096
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Alexander Schnitzler <typo3@alexanderschnitzler.de>
Tested-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Alexander Schnitzler <typo3@alexanderschnitzler.de>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Oliver Hader [Thu, 6 Jun 2019 17:31:40 +0000 (19:31 +0200)]
[BUGFIX] Remove "cache_" prefix from cache configuration keys
With #88366 "cache_" prefix has been deprecated. However, when
retrieving a deprecated cache like "cache_subject" its identifier
gets transformed to just "subject" which is (probably) not available
in cache configuration keys. That's why keys of cache configurations
have to be transformed as well.
Resolves: #88512
Releases: master
Change-Id: I224d55e71011a437ed2e990d13b1edbee08770b7
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60892
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Mon, 17 Jun 2019 19:39:18 +0000 (21:39 +0200)]
[BUGFIX] Speed up SiteConfiguration loading
Profiling shows that when linking to 100
pages, SiteFinder (which instantiates SiteConfiguration)
is instantiated 100 times. Although SiteFinder information
might change during one request, the SiteConfiguration
does not (except when updating the Configuration via API).
So, a first-level-cache can be used to avoid calls
to "cache_core" multiple times during one request,
and SiteConfiguration can become a Singleton instance.
Resolves: #88577
Releases: master, 9.5
Change-Id: I3d9167da9442d684d32a73d6cf2003c91bdf4d68
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61078
Tested-by: Benjamin Franzke <bfr@qbus.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Devid Messner [Thu, 13 Dec 2018 14:51:16 +0000 (15:51 +0100)]
[BUGFIX] Add additional GetVars to workspace preview url
Resolves: #87147
Releases: master, 9.5
Change-Id: Ia909104bc663d4191f21cb1bf0e25c0212388e2f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/59133
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Benni Mack [Mon, 17 Jun 2019 06:37:15 +0000 (08:37 +0200)]
[BUGFIX] Use proper configuration when processing FlexForms in DataHandler
This change removes the "TCEforms" option when parsing
FlexForms data in DataHandler, when dealing with FlexForms
that contain sheets.
This way, FlexForms RTE configuration is properly set
and no double spacings for linebreaks are used.
According to the issue, this only happened when
fields specifically within sheets are configured,
for fields without sheets, this has been working
already.
In order to ensure both cases are working, tests
are applied for both variants.
Resolves: #80778
Resolves: #81748
Releases: master, 9.5, 8.7
Change-Id: I38facfa9e1065d4730f895aa178a049c07c443f8
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60902
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Jan Kornblum <jan.kornblum@gmx.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Jan Kornblum <jan.kornblum@gmx.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Andreas Fernandez [Fri, 7 Jun 2019 11:51:49 +0000 (13:51 +0200)]
[TASK] Install Tool: Move common code into abstract class
All modules of the Install Tool used in modal windows now share a common
abstract class that contains some boilerplate code required for most
modules.
Resolves: #88518
Releases: master
Change-Id: I0c2f03f098c731e5a0c499ce91400c22a8c1f890
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60897
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Jonas Eberle <flightvision@googlemail.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Simon Gilli <typo3@gilbertsoft.org>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Susanne Moog [Tue, 18 Jun 2019 09:27:10 +0000 (11:27 +0200)]
[TASK] Upgrade TYPO3 testing framework
composer require --dev typo3/testing-framework:~5.0.10
Releases: master
Resolves: #88580
Change-Id: I1dcef11cee0caa730463919146b3732d7838e683
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61081
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Manuel Selbach [Tue, 18 Jun 2019 08:01:03 +0000 (10:01 +0200)]
[TASK] Update doctrine/dbal to ^2.9
doctrine/dbal 2.8.x ran into unmaintained mode:
https://www.doctrine-project.org/projects/dbal.html
We should upgrade to at least 2.9:
composer req doctrine/dbal:^2.9
Resolves: #88579
Releases: master
Change-Id: I18962bd313018abec8e52bada6df9aca6aa4143f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61080
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Susanne Moog <look@susi.dev>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Susanne Moog <look@susi.dev>
Sybille Peters [Tue, 18 Jun 2019 04:38:54 +0000 (06:38 +0200)]
[BUGFIX] Fix comment in ViewHelper page.link
Resolves: #88578
Releases: master, 9.5
Change-Id: I5fc57a9c61d5f02838f3afd3c305ae0b7b037dfc
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61079
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Björn Jacob <bjoern.jacob@tritum.de>
Tested-by: Mathias Brodala <mbrodala@pagemachine.de>
Tested-by: Benjamin Franzke <bfr@qbus.de>
Reviewed-by: Joerg Kummer <typo3@enobe.de>
Reviewed-by: Björn Jacob <bjoern.jacob@tritum.de>
Reviewed-by: Mathias Brodala <mbrodala@pagemachine.de>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Benjamin Franzke [Mon, 17 Jun 2019 14:32:31 +0000 (16:32 +0200)]
[BUGFIX] Fix getSiteFinder() mocking in SiteProcessorTest
As it produced a warning:
1) TYPO3\CMS\Frontend\Tests\Unit\DataProcessing\SiteProcessorTest::
nullIsProvidedIfSiteCouldNotBeRetrieved
Trying to configure method "getSiteFinder" which cannot be configured
because it does not exist, has not been specified, is final, or is static
Resolves: #88576
Related: #88568
Releases: master
Change-Id: Icf72100282ce24c87b6bb9f49fc978b6187a817e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61074
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benjamin Franzke <bfr@qbus.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Jonas Eberle [Fri, 14 Jun 2019 19:15:09 +0000 (21:15 +0200)]
[BUGFIX] Improve wording in Install Tool
Rephrases button title and success message for user preference
reset.
Resolves: #88520
Releases: master, 9.5
Change-Id: Ib2d3180a417366249df8fa9c1faa47c74cca022a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61040
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Tymoteusz Motylewski <t.motylewski@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Tymoteusz Motylewski <t.motylewski@gmail.com>
Manuel Selbach [Thu, 13 Jun 2019 07:50:01 +0000 (09:50 +0200)]
[TASK] Update doctrine/dbal to ^2.8.1
doctrine/dbal 2.8.x ran into unmaintained mode:
https://www.doctrine-project.org/projects/dbal.html
We should upgrade to at least 2.9:
composer req doctrine/dbal:^2.8.1
which installs 2.9.2
Resolves: #88553
Releases: master, 9.5
Change-Id: Id0c20cbb3102b5086e1c4d9dcef1b32fed67db7d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60994
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Manuel Selbach <manuel_selbach@yahoo.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Manuel Selbach <manuel_selbach@yahoo.de>
Benni Mack [Mon, 17 Jun 2019 04:50:52 +0000 (06:50 +0200)]
[TASK] Switch Locales to regular singleton instance
Locales resolves the user-defined TYPO3-languages and
its dependencies via TYPO3_CONF_VARS, which are only
finally available when all extensions' ext_localconf.php is included.
For this reason, Locales::initialize() can be deprecated
and moved into the regular constructor, but then the Bootstrap
should not do the initialization anymore, which happens
at the point now, when Locales first gets initialized (which
happens in Frontend within TSFE and PageRenderer and
in Backend within $LANG).
For this reason, it is removed from Bootstrap, where it was
first placed in TYPO3 4.6 when no proper bootstrap
set up was given.
Resolves: #88569
Releases: master
Change-Id: Ife2e248412c1b206abffcdd21df0d01e44834cea
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61046
Tested-by: Benjamin Franzke <bfr@qbus.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: TYPO3com <noreply@typo3.com>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Fri, 14 Jun 2019 21:27:13 +0000 (23:27 +0200)]
[TASK] Replace SiteMatcher with SiteFinder where applicable
SiteMatcher is a container around SiteFinder now as PseudoSite
handling was removed, so SiteFinder can be used directly.
Resolves: #88568
Releases: master
Change-Id: Ib0f5a42351ed5c11c25458b74074b80f5c574bbd
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61043
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Benjamin Franzke <bfr@qbus.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Alexander Schnitzler [Tue, 19 Mar 2019 14:21:54 +0000 (14:21 +0000)]
[!!!][TASK] Do not magically register validators
This patch removes the automatical registration of two types
of validators.
- model validators
- type validators
Model validators are those validators that follow a specific
namespace and class naming derived from domain models.
Given a model \Vendor\Extension\Domain\Model\Foo, extbase searched
for a valiator \Vendor\Extension\Domain\Validator\FooValidator.
If it existed, it had been registered automatically and could not
be disabled at all.
Type validators are similiar to model validators. Given a non
model action parameter or model property like int, string, float,
DateTime and such, extbase searched for validators in the
namespace TYPO3\CMS\Extbase\Validation\Validator.
There is a TYPO3\CMS\Extbase\Validation\Validator\StringValidator
for example which had been registered for string type params and
properties.
Said validators could not be disabled at all.
There are several reasons why the automatic registration has been
removed:
- First of all, this behaviour led to an unknown amount of actual
registered validators. Developers that are new or simply not
familiar with the concept of validation magic could easily
become frustrated.
- Then there is the problem that validation takes place, no matter
if it was needed or wanted. A domain validator, which looked
quite handy in the first place, had to be reduced to the
validation logic that would fit all cases where according
objects had been passed into methods. No matter the context.
The context however matters a lot. One might want to have
different validation rules depending on if objects are
created, updated or deleted. This distinction was impossible
and therefore model validators could be a burden.
- Last but not least, the automatic registration is a problem
when introducing validation groups. Validation groups cover
the context aspect mentioned earlier. By grouping validations
one can create and register different validators and apply
them given by contexts like create, update, delete and such.
Releases: master
Resolves: #87957
Change-Id: If8f590a1bedb428c8884cd61828d8cc671ee92e1
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60298
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Stefan Froemken <froemken@gmail.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Stefan Froemken <froemken@gmail.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Susanne Moog [Wed, 12 Jun 2019 10:55:11 +0000 (12:55 +0200)]
[BUGFIX] Fix tests on windows
Some unit tests still have problems on Windows.
- setlocale will not error even if the locale is not found
- file permissions don't work the same as the unix style version
- absolute paths do not start with a slash
- files from finder may contain mixed slashes - generating different hash values when used as key
Tests have either been adjusted to accomodate the differing behaviour or
skipped if appropriate.
Resolves: #88552
Releases: master
Change-Id: I32344c2a0a0797db087a3ccad45d3b626715ab77
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60945
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benjamin Kott <benjamin.kott@outlook.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Benjamin Kott <benjamin.kott@outlook.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Fri, 14 Jun 2019 10:49:14 +0000 (12:49 +0200)]
[!!!][TASK] Drop PageTS "TSFE.constants" functionality
When parsing TypoScript, PageTSconfig and UserTSconfig
is taking into account for evaluting if "TSFE.constants" is
set in PageTSconfig. If this is used, this acts as a default
constant.
However, this feature has various drawbacks, and has been
superseded by actually having constants globally (FE/BE) and via
Conditions available.
For frontend calls with empty pagesection caches, this improves
performance greatly, especially in pages on a deeper level (recursion).
This also reduces the footprint to have the TypoScriptParser (incl.
condition matching) being called too often.
Resolves: #88564
Releases: master
Change-Id: Icbdfa9918a9a79510a87198bf033c4de96d71107
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61034
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Georg Ringer [Thu, 13 Jun 2019 09:36:40 +0000 (11:36 +0200)]
[TASK] Deprecate unused methods of VersionNumberUtility
The following methods of `\TYPO3\CMS\Core\Utility\VersionNumberUtility`
are unused and can be deprecated:
- `splitVersionRange`
- `raiseVersionNumber`
- `convertIntegerToVersionNumber`
Resolves: #88554
Releases: master
Change-Id: I28378a39d7cae4d2ae09cfb6a85c5d294565a2f7
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60997
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Tue, 4 Jun 2019 11:00:44 +0000 (13:00 +0200)]
[!!!][TASK] Re-organize variable initialization for User Authentication
There are a lot of places where AbstractUserAuthentication
and the dependents (BE/FE user auth) set various settings,
both in the constructor and the start() method.
All possible settings are now moved to the constructor,
or to dependent properties in subclasses.
Some changes are now in place:
- UserAuth->loginType must be set now (which was previously
in start()). This is now checked in the constructor.
- Most of the variables (sessionTimeout/sessionDateLifetime) are
now set and evaluated inside the constructor, making start()
much simpler to understand and read.
Resolves: #88527
Releases: master
Change-Id: Ie03b8b93f869f5bafae8f660d6c983bec308f2fa
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60875
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Andreas Fernandez [Fri, 7 Jun 2019 15:52:39 +0000 (17:52 +0200)]
[BUGFIX] t3editor: Harden some checks for TS parsing
Resolves: #88262
Resolves: #85346
Releases: master, 9.5
Change-Id: Ia72ef1b670841d90ec0251c99b7f4d3dc1e7770a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60900
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Riccardo De Contardi <erredeco@gmail.com>
Tested-by: Sven Juergens <typo3@blue-side.de>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Sat, 8 Jun 2019 18:20:40 +0000 (20:20 +0200)]
[TASK] Create Redirect instead of silently ignoring superfluous cHash
Introduced with https://review.typo3.org/c/Packages/TYPO3.CMS/+/60895
cHash's that are used within the URL but not needed
anymore, should rather create a redirect instead
of silently unsetting the cHash argument.
Related: #41033
Resolves: #88531
Releases: master, 9.5
Change-Id: Iaae3e72160c055f8848942d506f7cc3e25d31af4
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60905
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Nicole Cordes <typo3@cordes.co>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Thu, 13 Jun 2019 13:37:43 +0000 (15:37 +0200)]
[!!!][TASK] Remove config.htmlTag TypoScript properties
The two TypoScript options
* config.htmlTag_langKey
* config.htmlTag_dir
have been removed, as they have no effect anymore in TYPO3 v10,
which only works with Site Handling.
Site Handlings "direction" and "twoLetterIsoCode" are already
in place and used when Site Handling is active.
Resolves: #88560
Releases: master
Change-Id: I8ef2a8b8ccd9c790fd7db940e908e8a362ec4ca3
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61003
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Thu, 13 Jun 2019 09:42:17 +0000 (11:42 +0200)]
[TASK] Streamline TSFE/RequestHandler for "Page Generation"
Various documentation in TSFE is updated,
in addition to having $TSFE->setAbsRefPrefix()
to be set within the postProcessing to overcome
issues when the call is forgotten in custom
TSFE instances.
Resolves: #88555
Releases: master
Change-Id: Ib3ce22db1e6ce7b0985d486d584c26f25755efa4
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60998
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Dmytro Nozdrin [Thu, 16 May 2019 18:06:49 +0000 (21:06 +0300)]
[BUGFIX] Fix page caching with tree.rootLineIds condition check
Conditions with `tree.rootLineIds` if matched caused page cache
regeneration on each request.
Resolves: #88374
Releases: master, 9.5
Change-Id: I5a9a2a429a80575b654a6894a3515c8ca8ec8db4
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60771
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benjamin Kott <benjamin.kott@outlook.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Benjamin Kott <benjamin.kott@outlook.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Wed, 12 Jun 2019 05:14:32 +0000 (07:14 +0200)]
[!!!][TASK] Move Frontend User session saving into Middleware
For further TSFE-related changes, the frontend request
workflow now stores user-/session-related information
in the middleware.
This is a first step in order to reduce the dependencies
of TSFE + FrontendUserAuthentication.
This patch is breaking as certain hooks (like EOFE)
do not have session data stored anymore.
Related: #88540
Resolves: #88541
Releases: master
Change-Id: I1e9a66b759d6edfd4c0e5a8ede02aa7a73b65b0f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60939
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Wed, 12 Jun 2019 20:19:37 +0000 (22:19 +0200)]
[TASK] Set 'loginSecurityLevel' to normal by default
The only occurrence for 'loginSecurityLevel' checks for empty and falls back
to 'normal' (also defined in #81852 this must be set to normal).
Single usage in AbstractUserAuthentication:
trim($GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['loginSecurityLevel']) ?: 'normal';
Instead of having this set to "factory configuration", (= writing to
LocalConfiguration.php on new installation), this can be set to 'normal'
in DefaultConfiguration directly.
EXT:rsaauth can be configured to set this to "rsa" in an instance
with RSA enabled (and has already done so before).
The main benefit is that this option (if set to "normal") can be
removed from LocalConfiguration if set to "normal" as it is then
taken from DefaultConfiguration.php
Resolves: #88549
Releases: master
Change-Id: I2f8c088230b334a03c5acf9d09721dd42e67c059
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60972
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Gianluigi Martino [Mon, 3 Jun 2019 07:09:26 +0000 (09:09 +0200)]
[TASK] Add title to topbar buttons
Add title to the two topbar buttons on the left:
- Minimize/maximize module menu
- Collapse page tree
Resolves: #88385
Releases: master, 9.5
Change-Id: I9641bdf5454f1f50e6c4ab67c96f663b8b5d8c73
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60862
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Sybille Peters <sypets@gmx.de>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Sybille Peters <sypets@gmx.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Benni Mack [Tue, 16 Apr 2019 06:36:50 +0000 (08:36 +0200)]
[!!!][TASK] Remove "createDirs" directive of extension installation
Extensions should make use of TYPO3's native functionality for
using FAL-based folders, or the Environment API and TYPO3's File
APIs to create folders when needed.
The ext_emconf.php option "createDirs" option is removed,
and not evaluted anymore.
The public method `ensureConfiguredDirectoriesExist` in FileHandling
Utility is removed, however the class is marked as internal.
This change is a pre-work for the CLI Initiative where there
are currently workarounds in using this functionality for "activating"
an extension.
Resolves: #88525
Releases: master
Change-Id: I52ec31da541d3740977068981944bd5a1dd0d2f7
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60485
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Benni Mack [Thu, 6 Jun 2019 05:02:34 +0000 (07:02 +0200)]
[!!!][TASK] Drop image support in RTE handling
With the introduction of CKEditor in TYPO3 v8, the support
for images in RTEs is dropped, however functionality was kept
for compatibility with RTEHtmlArea, which was still available in TYPO3 v8
as separate extension.
The functionality to handle images in CKEditor is possible to
be applied again, however, as this cannot be managed properly
via FAL in its current state, the previous functionality is remvoed
from Core. Separate CKEditor extensions as already published,
are able to manage the image handling in CKEditor directly already.
Dropped
* setting TYPO3_CONF_VARS[BE][RTE_imageStorageDir]
* transformation setting "ts_images".
* softref "images" logic
* ImportExport->getRTEoriginalFilename()
* RteHtmlParser->TS_images_rte()
* CLI Command: cleanup:rteimages and Class RteImagesCommand
Resolves: #88500
Releases: master
Change-Id: Ie564b19a7d0f9b7d46398094c8d7ecd845e31a65
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60886
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Jonas Eberle [Mon, 27 May 2019 19:34:10 +0000 (21:34 +0200)]
[BUGFIX] Allow same configuration key in multiple extensions
Fix two issues in the extension configuration tool if more than one
extension is using the same configuration key:
* Remove duplicate HTML IDs in extension configuration tool
* Correctly add hidden fields with value=0 for checkboxes within every
sub-<form>, not only on first occurence (first extension) of any given
configuration key
Resolves: #88426
Releases: master, 9.5
Change-Id: Ifbdb3b495443aa5521a4b5265ae3c29c2bc222b8
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60831
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Guido Schmechel <guido.schmechel@brandung.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Guido Schmechel <guido.schmechel@brandung.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Anja Leichsenring [Sat, 8 Jun 2019 09:41:31 +0000 (11:41 +0200)]
[BUGFIX] Tests broken with phpunit 8.2
Switching from accessibleMock to prophecy resolves
a lot of failures.
Also, using a concrete instance instead accessibleMockForAbstractClass
reduces issues.
Resolves: #88530
Releases: master, 9.5
Change-Id: I102597f74a98443fe139a76b8f168abf61349e3d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60903
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Susanne Moog <look@susi.dev>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Susanne Moog <look@susi.dev>
Stephan Großberndt [Mon, 10 Jun 2019 15:35:15 +0000 (17:35 +0200)]
[TASK] Update GitHub description in CONTRIBUTING.md
Releases: master
Resolves: #88535
Change-Id: Ibeb645965840c8c4e78f5e4d13272db32e9fc308
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60933
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Andreas Fernandez [Sun, 9 Jun 2019 13:31:47 +0000 (15:31 +0200)]
[BUGFIX] Allow adding content without page edit permissions in record list
If a backend usergroup has no permission to edit page properties, the
wizard for content element creation is not rendered properly. This is due
to a missing import of the `PageActions` module.
This patch now always loads the module and makes its callback depending
on proper permissions.
Resolves: #88532
Related: #87687
Releases: master, 9.5
Change-Id: Ie3acaf8fbf9bdeee425eae4b4d35cb2eb80b4d1d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60907
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Markus Klein <markus.klein@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Fri, 7 Jun 2019 07:29:11 +0000 (09:29 +0200)]
[BUGFIX] Ignore cHash when given but not needed
If a cHash GET parameter is given, but there
are no GET parameters that are relevant, a
hash_calc() call against an empty string is done.
However, the change now allows an invalid
cHash if no check is necessary. This could
happen when upgrading from older instances
where a cHash is not needed anymore.
Bots would not then fill up the error log
but get the new page (with a valid 200 result)
Resolves: #41033
Releases: master, 9.5
Change-Id: Id02701fcbece371a6b9ce0f92fe0be55dd972325
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60895
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Benni Mack [Thu, 16 May 2019 12:17:03 +0000 (14:17 +0200)]
[!!!][TASK] Streamline TimeTracker global information
This patch removes unused variables:
$GLOBALS['TYPO3_MISC']['microtime_BE_USER_start']
$GLOBALS['TYPO3_MISC']['microtime_BE_USER_end']
$GLOBALS['TYPO3_MISC']['microtime_end']
$GLOBALS['TYPO3_MISC']['microtime_start']
are replaced by properly using
- TimeTracker->start()
- TimeTracker->finish() (new method)
to encapsulate the logic into the main method.
Resolves: #88498
Releases: master
Change-Id: I158e4b3aed002f688f117488cb0300c6523e791f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60769
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Andreas Fernandez [Fri, 7 Jun 2019 15:55:44 +0000 (17:55 +0200)]
[BUGFIX] Remove duplicate closing tag in tsref.xml
With #88459, the closing tag `</property>` was accidentally not
removed, leaving a broken XML structure. This patch removes the closing
tag.
Resolves: #88526
Related: #88459
Releases: master
Change-Id: Iee6ca5f11f12d3f84f5bc0ef4afeefcb3b37bf73
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60901
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Benni Mack [Wed, 29 May 2019 13:18:48 +0000 (15:18 +0200)]
[TASK] Move emailAtLogin for BE Users in custom class
The fat BE User object needs a haircut, and the obvious
logic for sending out an email is moved out.
Resolves: #88454
Releases: master
Change-Id: Id009a975c1d4b75d17c8f5ec2ce06f384dda6e12
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60838
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Wed, 5 Jun 2019 07:32:51 +0000 (09:32 +0200)]
[BUGFIX] Ensure "0" is treated as proper fallback in site language
Due to incomplete handling of "0" and casting, the fallback
is always "0" which is wrong.
The patch fixes the behavior and adds tests to all use-cases
mentioned in the ticket.
Resolves: #88490
Releases: master, 9.5
Change-Id: Ie685b96a94213104729261daa0e3be6e8ef29c35
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60879
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Tobi Kretschmann <tobi@tobishome.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Alexander Stehlik [Tue, 16 Apr 2019 17:37:00 +0000 (19:37 +0200)]
[TASK] Improve click behavior of the pagetree
Initialize the d3-drag clickDistance setting to prevent clicks
where the mouse slightly moves from being detected as drag
attempts.
See also:
https://github.com/d3/d3-drag#drag_clickDistance
Resolves: #88160
Releases: master, 9.5
Change-Id: I646591327e1688258e5d2d6ec3ca54000219f97a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60488
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Paweł Rogowicz <rogowicz.pawel@gmail.com>
Reviewed-by: Tymoteusz Motylewski <t.motylewski@gmail.com>
Tested-by: Paweł Rogowicz <rogowicz.pawel@gmail.com>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Jonas Eberle <flightvision@googlemail.com>
Tested-by: Tymoteusz Motylewski <t.motylewski@gmail.com>
Oliver Hader [Thu, 6 Jun 2019 05:39:33 +0000 (07:39 +0200)]
Revert "[TASK] Drop t3_origuid fields from functional tests"
This reverts commit
55f7beae9e8360c56f9f788774177d7572bbd901.
Unfortunately it's not possible to get rid of t3_origuid completely
without introducing new side-effects. Remaining test adjustments for
#88494 have shown that non-translatable entities used as reference
would rather be deleted & re-created instead of synchronized.
t3_origuid did a good job there - dropping it would introduce the
mentioned regression. Misusing l10n_source for a non-translatable
table sounds as stupid as introducing a new field like sync_origuid.
Related: #88494
Reverts: #88495
Resolves: #88501
Releases: master
Change-Id: I4de8a0cbac1b7c9825991794830efaa53f270709
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60888
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Georg Ringer [Mon, 7 Jan 2019 18:50:15 +0000 (19:50 +0100)]
[TASK] Remove no_cache=1 from preview url generation
The usage of no_cache should be avoided. If still required it can be added
by using the setting additionalGetParameters.
As the functionality goes into the PageRouter (effectively adds cHash),
and it's possible that "no_cache" is completely disabled, it is not
necessary to be set. This was not the case in v9 as Site Handling
was not available everywhere.
On top, if an editor is actually previewing the content on the page
(via EditDocumentController "save + view") DataHandler is actually
flushing the cache of the page/record associated
(e.g. cacheTags for records), which is much more recommended.
Resolves: #87347
Releases: master
Change-Id: I2bcedb4f92231329234684c9daae2843d08ec29d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/59362
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Benjamin Franzke <bfr@qbus.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Claus Due [Tue, 19 Mar 2019 14:35:28 +0000 (15:35 +0100)]
[BUGFIX] Prevent division by zero when scaling image
Prevents multiple division by zero errors when scaling
images, by checking that the input image size is valid
(meaning non-zero) before attempting to calculate
the ratio for scaling - because the ratio is based on the
input size parameters that must not be zero.
Change-Id: I33fd3e49a1b3dcdc319309af736a9d785130af94
Releases: master, 9.5, 8.7
Resolves: #87954
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60299
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
c.essl [Sat, 25 May 2019 11:26:53 +0000 (13:26 +0200)]
[FEATURE] Add log message for "Switch User action"
If an admin user switches to another be_user account via the "Switch User"
action in the "Backend users" module, the action is now logged to the
sys_log.
Resolves: #78432
Releases: master
Change-Id: I0a9cb35e2d8734eb86ff475afeeac821a2f2a78a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60824
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Guido Schmechel <guido.schmechel@brandung.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Guido Schmechel <guido.schmechel@brandung.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Stefan Frömken [Tue, 30 Apr 2019 08:11:44 +0000 (10:11 +0200)]
[TASK] Better example for FlashMessage finisher
- Show how to use messageArguments
- messageCode is mandatory (Don't know why, but yes it is)
--> As it is mandatory, it does not make sense to write `\1dif needed`\1d
- remove `\1dDefault value`\1d from mandatory options
--> As all calls in TYPO3 Core are strict types, a value like `\1dnull`\1d
will throw an Exception
Releases: master
Resolves: #88247
Change-Id: Ibf101a7c35ae01c975dbcaf162ff38f4eef27221
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60631
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Jörg Bösche <typo3@joergboesche.de>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Jörg Bösche <typo3@joergboesche.de>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Andreas Fernandez [Sat, 1 Jun 2019 21:04:26 +0000 (23:04 +0200)]
[TASK] Open LinkBrowser in modal window
The LinkBrowser used in FormEngine is now opened in a modal window
instead of a popup.
Resolves: #88471
Releases: master
Change-Id: I59992b2fc8a9fbf6b01aa2213c024fd0c13de009
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60860
Tested-by: Markus Klein <markus.klein@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Oliver Hader [Wed, 5 Jun 2019 09:45:46 +0000 (11:45 +0200)]
[TASK] Drop t3_origuid fields from functional tests
In order to drop t3_origuid semantics (see issue #88494) according
usages should be purged from functional tests. This way functional
changes are easier to spot having to dedicated change-sets.
Resolves: #88495
Releases: master
Change-Id: Ic54efe30bb112b179a176681a3bb067de1791d44
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60880
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Wed, 29 May 2019 21:28:56 +0000 (23:28 +0200)]
[BUGFIX] Ensure no PHP warning is thrown if legacy code is used
When no constant is given (due to old OS),
a PHP warning is now triggered due to PHP 7.2. This is
overcome to use the polyfill functionality instead then.
Resolves: #88443
Releases: master, 9.5
Change-Id: I5ac673f10bc1421e543b8f969a0111e9bbc9c11e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60844
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Michael Waack <m.waack@i-d.de>
Tested-by: Thomas Anders <me@naderio.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Michael Waack <m.waack@i-d.de>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Thomas Anders <me@naderio.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Tue, 4 Jun 2019 14:11:48 +0000 (16:11 +0200)]
[TASK] Simplify Locales class
The Locales class implies a kind-of singleton approach to fetch
configuration information.
In addition, Locales does the same functionality all over again:
- array_flip for "isoReverseMapping" (not in use directly and can be removed)
- taking the built-in supported languages and loops over them
both is unnecessary at runtime.
Instead, only the user-specific parts are validated.
Resolves: #88488
Releases: master
Change-Id: Ib1a9589bd670fe77b5bf7f5ca769c9601a2b2b0c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60877
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Benni Mack [Mon, 3 Jun 2019 07:15:30 +0000 (09:15 +0200)]
[TASK] Set locale for requests earlier in Frontend process
Due to non-site handling, setting the locale was built on top of
TypoScript settings. This was the reason, this was encapsulated
within "$TSFE->settingLocale()".
However, as the locale is now always available once SiteLanguage
has been resolved, this can be handled very early.
On top, the functionaltiy can be extracted from TSFE completely,
and be universally used within "Locales".
The method $TSFE->settingLocale() is now deprecated.
Resolves: #88473
Releases: master
Change-Id: I28c057ecc6d6ba37153a09812a61e5827cdb7bc5
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60863
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Stefan Neufeind [Thu, 30 May 2019 12:55:28 +0000 (14:55 +0200)]
[TASK] Upgrade Symfony-components
Command used:
composer update symfony/* --with-dependencies
Following dependencies changed:
- Installing symfony/polyfill-php73 (v1.11.0)
- Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0)
- Updating symfony/console (v4.2.3 => v4.3.0)
- Installing symfony/var-exporter (v4.3.0)
- Updating symfony/cache (v4.1.4 => v4.3.0)
- Updating symfony/expression-language (v4.1.4 => v4.3.0)
- Updating symfony/finder (v4.2.3 => v4.3.0)
- Updating symfony/polyfill-php72 (v1.10.0 => v1.11.0)
- Updating symfony/polyfill-intl-idn (v1.10.0 => v1.11.0)
- Updating symfony/inflector (v4.2.2 => v4.3.0)
- Updating symfony/property-access (v4.2.2 => v4.3.0)
- Updating symfony/property-info (v4.2.2 => v4.3.0)
- Updating symfony/routing (v4.1.4 => v4.3.0)
- Updating symfony/yaml (v4.1.4 => v4.3.0)
- Updating symfony/filesystem (v4.2.3 => v4.3.0)
- Updating symfony/options-resolver (v4.2.3 => v4.3.0)
- Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0)
- Updating symfony/stopwatch (v4.2.3 => v4.3.0)
- Updating symfony/intl (v4.1.4 => v4.3.0)
- Updating symfony/polyfill-intl-icu (v1.9.0 => v1.11.0)
Resolves: #87050
Releases: master
Change-Id: I3556d4cddb3863a26bddd5ac5d84f313d8a2793b
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60411
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Mon, 3 Jun 2019 14:56:07 +0000 (16:56 +0200)]
[TASK] Remove DB Connection check in Frontend Requests
The check if the pages table is accessible is removed.
In TYPO3 v9 this was right after the TSFE creation due to 100%
backwards-compatibility in terms of previous code which has now
vanished (a legacy hook).
This change removes the database initialization check as it is done
already anyway earlier in Bootstrap.
Resolves: #88481
Releases: master
Change-Id: I7ca0c068ece433e9c545163121373b0de2af086d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60866
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Stefan Froemken <froemken@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Stefan Froemken <froemken@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Mon, 3 Jun 2019 08:33:55 +0000 (10:33 +0200)]
[TASK] Prepare cache timeout more efficiently in Frontend
Cache Timeout, configured via config.cache_period can be configured
when TypoScript is available.
The functionality $TSFE->generatePage_preProcessing() has been
thinned out further, as custom PHP Scripts are now handled via custom
RequestHandlers anyway, which now rely on this information
being set earlier (and also when a page should not be generated).
Resolves: #88475
Releases: master
Change-Id: Id9b6b0921c797e2b9de8d7b4302c515e59b0217e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60864
Tested-by: Markus Klein <markus.klein@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benjamin Franzke <bfr@qbus.de>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Benni Mack [Wed, 29 May 2019 16:54:01 +0000 (18:54 +0200)]
Revert "[BUGFIX] Allow to send multiple HTTP headers with the same name"
This reverts commit
1683f107e72e59737fb389e4623782de0ef472c0.
Reason for revert:
This breaks existing code, as multiple headers are now
sent to the client which were previously overridden.
As long as there is existing code in TYPO3 where header() is
sent, this change can only be done as a breaking change.
Change-Id: Id7444b1455855702143b3fde5629203f252ba07e
Reverts: #88420
Resolves: #88457
Releases: master, 9.5
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60839
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Markus Poerschke <markus@poerschke.nrw>
Reviewed-by: Guido Schmechel <guido.schmechel@brandung.de>
Reviewed-by: Helmut Hummel <typo3@helhum.io>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Helmut Hummel <typo3@helhum.io>
Tested-by: Benni Mack <benni@typo3.org>
Andreas Fernandez [Mon, 29 Apr 2019 20:58:03 +0000 (22:58 +0200)]
[BUGFIX] Use scheme://host:port of current request resolving error page
Error pages in site configurations don't need to point to an absolute URI.
When such error pages get resolved, the scheme, host and port of the
request get attached to the resolved page.
Resolves: #86935
Releases: master, 9.5
Change-Id: I1b29b7e7ec51c67e6630ed0f2de5f7e3276e8e7d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60630
Reviewed-by: Jörg Bösche <typo3@joergboesche.de>
Reviewed-by: Mathias Brodala <mbrodala@pagemachine.de>
Reviewed-by: Tizian Schmidlin <st@cabag.ch>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Tizian Schmidlin <st@cabag.ch>
Tested-by: Benni Mack <benni@typo3.org>
Anja Leichsenring [Mon, 3 Jun 2019 16:20:11 +0000 (18:20 +0200)]
[BUGFIX] Remove side effect of unit test
The class typo3/sysext/frontend/Tests/Unit/Middleware/SiteResolverTest
manipulates the locale setting of the environment without
restoring it. So following tests might get affected by this change
and are not independent anymore.
Resolves: #88484
Releases: master, 9.5
Change-Id: I02617a34bff08606866e9015111496d75bb6dcd4
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60869
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Anja Leichsenring [Mon, 3 Jun 2019 15:01:57 +0000 (17:01 +0200)]
[BUGFIX] Raise codeception and phpunit versions
With #88388, the composer.json file was adjusted to the required
versions of
phpunit/phpunit ^8.1
codeception/codeception ^3
but the composer.lock file did not reflect these changes.
Resolves: #88483
Relates: #88388
Releases: master
Change-Id: Idc7d4a63d0d9fb427e2c1b63f62e2b4da057b8e9
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60868
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Benni Mack [Wed, 29 May 2019 21:07:19 +0000 (23:07 +0200)]
[!!!][TASK] Remove config.language_alt and config.language
Due to site handling, the TypoScript properties config.language
and config.language_alt have no effect anymore and can be removed.
This patch removes the last forgotten occurrences.
Resolves: #88459
Releases: master
Change-Id: Ic4793035264cc00fe1e5d22b6b1c7cafdbdc49ed
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60842
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benni Mack [Wed, 29 May 2019 21:15:06 +0000 (23:15 +0200)]
[TASK] Remove leftover code from PseudoSite Handling
The SiteMatcher object now always returns a Site / NullSite, so there
will never be an exception "SiteNotFoundException" thrown.
This dead code, which is never executed, can be removed.
Resolves: #88461
Releases: master
Change-Id: I458b46f3beea2ea7934a4557acac67453a819784
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60843
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Benjamin Kott [Fri, 31 May 2019 14:09:32 +0000 (16:09 +0200)]
[TASK] Raise typo3 icons to 1.9.0
Executed tasks:
cd Build
yarn add @typo3/icons@1.9.0 --dev
yarn grunt copy:core_icons
yarn grunt copy:extension_icons
yarn grunt copy:install_icons
yarn grunt copy:module_icons
Resolves: #88467
Releases: master, 9.5
Change-Id: Ib04a694d5f68e5543a674bca4da7f957ae20ace3
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60858
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
c.essl [Sat, 25 May 2019 08:07:58 +0000 (10:07 +0200)]
[TASK] Add links to the loaded images in the info module
There is a "Images on this page" feature in the info module of the
adminpanel. This patch adds a simple link icon for each listed image
to easily open and view the images in a new tab.
Resolves: #88438
Releases: master, 9.5
Change-Id: I150a44e40496f5d525094df7eb940c85e863ba90
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60822
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
c.essl [Mon, 27 May 2019 16:07:06 +0000 (18:07 +0200)]
[BUGFIX] Do not show message "Allowed file extensions" for internal_type="db"
For IRRE relations with a "foreign_selector" relation set to a field of
type "group" and internal_type "db", the backend wrongly rendered the
message "Allowed file extensions". Instead "Allowed relations" is now
shown for table relations.
Resolves: #87747
Releases: master, 9.5, 8.7
Change-Id: I8a3b7686af14821ece0f727601c1a1bc0d5e1953
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60830
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Tobi Kretschmann <tobi@tobishome.de>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Andreas Fernandez [Fri, 31 May 2019 11:37:03 +0000 (13:37 +0200)]
[BUGFIX] Add missing copyright header for MD5 AMD module
This patch adds the missing copyright header of the original md5
JavaScript library.
To achieve this, the Grunt configuration must be adjusted to keep comments
beginning in a special format.
Resolves: #88465
Related: #88432
Releases: master
Change-Id: I35e5a07793273491f839e415d4deda27d1307ffb
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60852
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Benjamin Kott <benjamin.kott@outlook.com>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Benjamin Kott <benjamin.kott@outlook.com>
Rémy DANIEL [Fri, 24 May 2019 15:11:08 +0000 (17:11 +0200)]
[BUGFIX] Refresh browser cache when ckeditor config or plugins changes
CKEDITOR.timestamp now contains also a hash of the configuration.
This is appended to uri when CKeditor loads resources.
This mitigates issues with browser caching when CKeditor plugins are
updated.
Resolves: #88369
Releases: master,9.5,8.7
Change-Id: I9f4a8f611683db93c47b62d22871eac23f3a8819
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60819
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
c.essl [Sat, 25 May 2019 05:57:58 +0000 (07:57 +0200)]
[BUGFIX] Clamp "simulateDate" timestamp to minimum 60 seconds
In order to avoid RuntimeExceptions, the "simulateDate" TSConfig setting
for the adminpanel has to be at least 60 seconds. Otherwise
$GLOBALS['SIM_ACCESS_TIME'] will be set to 0.
Resolves: #88437
Releases: master, 9.5
Change-Id: I0377eb4e1d96636367529d185181f61affed44fc
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60821
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
mkoitka [Tue, 9 Apr 2019 13:30:30 +0000 (15:30 +0200)]
[TASK] Write cleaner FileWriter JSON output
Since PHP 5.4 it's possible to disable escaping for unicode characters
and slashes, which results in a much cleaner, leaner and most
importantly readable TYPO3 log output.
Releases: master, 9.5
Resolves: #88120
Related: #77274
Change-Id: I5b331e29e0f036d3d95b0f1045c269a28fec6abb
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60431
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Tomas Norre Mikkelsen <tomasnorre@gmail.com>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Frank Naegler <frank.naegler@typo3.org>