Commit 64501965 authored by Georg Ringer's avatar Georg Ringer Committed by Benjamin Franzke
Browse files

[!!!][TASK] Use https as default scheme in PageRouter

Make the web more secure by using https as fallback scheme if not set.

Resolves: #96835
Releases: main
Change-Id: I7eea535046b25a55c705a1e13c841318966527ff

Tested-by: Christian Kuhn's avatarChristian Kuhn <>
Tested-by: core-ci's avatarcore-ci <>
Tested-by: Benjamin Franzke's avatarBenjamin Franzke <>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <>
Reviewed-by: Benjamin Franzke's avatarBenjamin Franzke <>
parent eaefddb7
......@@ -309,7 +309,7 @@ class PageRouter implements RouterInterface
rtrim($language->getBase()->getPath(), '/'),
$scheme ?: 'http',
$scheme ?: 'https',
$scheme === 'http' ? $language->getBase()->getPort() ?? 80 : 80,
$scheme === 'https' ? $language->getBase()->getPort() ?? 443 : 443
.. include:: ../../Includes.txt
Breaking: #96835 - https as default scheme in PageRouter
See :issue:`96835`
The fallback scheme in :php:`\TYPO3\CMS\Core\Routing\PageRouter::generateUri()` is set to `https` instead of `http` when linking to other pages.
If the site configuration does not provide a scheme but only a domain (e.g. `www.domain.tld`), the scheme is set to `https`.
Affected Installations
All installations which use a site configuration without providing a scheme and which must not be delivered through `https`.
If `https` can't be used, the entry point must define the scheme, e.g. `http://www.domain.tld`.
.. index:: Frontend, NotScanned, ext:core
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment