Commit 36600adf authored by Christian Kuhn's avatar Christian Kuhn
Browse files

[!!!][TASK] Remove f:uri.email ViewHelper

Resolves: #96202
Related: #95041
Releases: main
Change-Id: If8c79a648a6327d0b806849693dada744bce7502
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/72460

Tested-by: core-ci's avatarcore-ci <typo3@b13.com>
Tested-by: Stefan Bürk's avatarStefan Bürk <stefan@buerk.tech>
Tested-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Stefan Bürk's avatarStefan Bürk <stefan@buerk.tech>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
parent c02699a5
......@@ -41,14 +41,11 @@ class DefaultSanitizerBuilder extends CommonBuilder
);
// + starting with `t3://`
$isTypo3Uri = new Behavior\RegExpAttrValue('#^t3://#');
// + TYPO3 spam protected email address using JavaScript
// @deprecated Only used in f:uri.email view-helper, which is deprecated and will be removed in TYPO3 v12.0
$isSpamProtectedEmailUri = new Behavior\RegExpAttrValue('#^javascript:linkTo_UnCryptMailto#');
// extends common attributes for TYPO3-specific URIs
$this->srcAttr->addValues($isOnCurrentHost);
$this->srcsetAttr->addValues($isOnCurrentHost);
$this->hrefAttr->addValues($isOnCurrentHost, $isTypo3Uri, $isSpamProtectedEmailUri);
$this->hrefAttr->addValues($isOnCurrentHost, $isTypo3Uri);
// @todo `style` used in Introduction Package, inline CSS should be removed
$this->globalAttrs[] = new Behavior\Attr('style');
......
......@@ -174,6 +174,7 @@ The following ViewHelpers have been changed or removed:
- :html:`<be:moduleLayout.button.shortcutButton>` removed
- :html:`<f:base>` removed
- :html:`<f:be.container>` removed
- :html:`<f:uri.email>` removed
The following TypoScript options have been removed or adapted:
......
......@@ -111,12 +111,6 @@ class DefaultSanitizerBuilderTest extends FunctionalTestCase
'<a href="tel:123456789" role="button">value</a>',
'<a href="tel:123456789" role="button">value</a>',
],
'#056' => [
// config.spamProtectEmailAddresses = [n]
// @deprecated Only used in f:uri.email view-helper, which is deprecated and will be removed in TYPO3 v12.0
'<a href="javascript:linkTo_UnCryptMailto(%27ocknvq%2CkphqBrtczku%5C%2Fmkghgt0fg%27);">email(at)domain.tld</a>',
'<a href="javascript:linkTo_UnCryptMailto(%27ocknvq%2CkphqBrtczku%5C%2Fmkghgt0fg%27);">email(at)domain.tld</a>',
],
'#057' => [
// config.spamProtectEmailAddresses = ascii
'<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#115;&#111;&#109;&#101;&#46;&#98;&#111;&#100;&#121;&#64;&#116;&#101;&#115;&#116;&#46;&#116;&#121;&#112;&#111;&#51;&#46;&#111;&#114;&#103;">some.body(at)test.typo3(dot)org</a>',
......
<?php
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
namespace TYPO3\CMS\Fluid\ViewHelpers\Uri;
use TYPO3\CMS\Core\Http\ApplicationType;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController;
use TYPO3Fluid\Fluid\Core\Rendering\RenderingContextInterface;
use TYPO3Fluid\Fluid\Core\ViewHelper\AbstractViewHelper;
use TYPO3Fluid\Fluid\Core\ViewHelper\Traits\CompileWithRenderStatic;
/**
* Email URI ViewHelper.
* Generates an email URI incorporating TYPO3s `spamProtectEmailAddresses`_ TypoScript setting.
*
* .. _spamProtectEmailAddresses: https://docs.typo3.org/m/typo3/reference-typoscript/master/en-us/Setup/Config/Index.html#spamprotectemailaddresses
*
* Example
* =======
*
* Basic email URI::
*
* <f:uri.email email="foo@bar.tld" />
*
* Output::
*
* javascript:linkTo_UnCryptMailto('ocknvq,hqqBdct0vnf');
*
* Depending on `spamProtectEmailAddresses`_ setting.
*
* @deprecated Will be removed in TYPO3 v12.0
*/
class EmailViewHelper extends AbstractViewHelper
{
use CompileWithRenderStatic;
/**
* Initialize arguments
*/
public function initializeArguments()
{
$this->registerArgument('email', 'string', 'The email address to be turned into a URI', true);
}
/**
* @param array $arguments
* @param \Closure $renderChildrenClosure
* @param RenderingContextInterface $renderingContext
*
* @return string Rendered email link
*/
public static function renderStatic(array $arguments, \Closure $renderChildrenClosure, RenderingContextInterface $renderingContext)
{
trigger_error('f:uri.email view-helper is deprecated an will be removed in TYPO3 v12.0', E_USER_DEPRECATED);
$email = $arguments['email'];
if (ApplicationType::fromRequest($renderingContext->getRequest())->isFrontend()) {
/** @var TypoScriptFrontendController $frontend */
$frontend = $GLOBALS['TSFE'];
[$linkHref, $linkText, $attributes] = $frontend->cObj->getMailTo($email, $email);
if (isset($attributes['data-mailto-token']) && isset($attributes['data-mailto-vector'])) {
$linkHref = sprintf(
'javascript:linkTo_UnCryptMailto(%s,%d);',
rawurlencode(GeneralUtility::quoteJSvalue($attributes['data-mailto-token'])),
-(int)$attributes['data-mailto-vector']
);
}
return $linkHref;
}
return 'mailto:' . $email;
}
}
"pages",,,,,,,
,"uid","pid","title","sorting","deleted","perms_everybody","slug"
,1,0,"Root",128,0,15,"/"
,2,1,"Dummy 1-2",128,0,15,"/dummy-1-2"
,3,2,"Dummy 1-2-3",128,0,15,"/dummy-1-2/dummy-1-2-3"
,4,3,"Dummy 1-2-3-4",128,0,15,"/dummy-1-2/dummy-1-2-3/dummy-1-2-3-4"
,5,1,"Dummy 1-5",128,0,15,"/dummy-1-5"
,6,5,"Dummy 1-5-6",128,0,15,"/dummy-1-5/dummy-1-5-6"
,7,0,"Root 2",128,0,15,"/"
<?php
declare(strict_types=1);
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
namespace TYPO3\CMS\Fluid\Tests\FunctionalDeprecated\ViewHelpers\Uri;
use TYPO3\CMS\Core\Core\SystemEnvironmentBuilder;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Http\ServerRequest;
use TYPO3\CMS\Core\Tests\Functional\SiteHandling\SiteBasedTestTrait;
use TYPO3\CMS\Fluid\View\StandaloneView;
use TYPO3\TestingFramework\Core\Functional\Framework\Frontend\InternalRequest;
use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
class EmailViewHelperTest extends FunctionalTestCase
{
use SiteBasedTestTrait;
/**
* @test
*/
public function renderCreatesProperMarkupInBackend(): void
{
$GLOBALS['TYPO3_REQUEST'] = (new ServerRequest())
->withAttribute('applicationType', SystemEnvironmentBuilder::REQUESTTYPE_BE);
$view = new StandaloneView();
$view->setTemplateSource('<f:uri.email email="foo@example.com" />');
self::assertEquals('mailto:foo@example.com', $view->render());
}
public function renderEncodesEmailInFrontendDataProvider(): array
{
return [
'Plain email' => [
'<f:uri.email email="some@email.tld" />',
0,
'mailto:some@email.tld',
],
'Plain email with spam protection' => [
'<f:uri.email email="some@email.tld" />',
1,
'javascript:linkTo_UnCryptMailto(%27nbjmup%2BtpnfAfnbjm%5C%2Fume%27,-1);',
],
'Susceptible email' => [
'<f:uri.email email="\"><script>alert(\'email\')</script>" />',
0,
'mailto:&quot;&gt;&lt;script&gt;alert(&#039;email&#039;)&lt;/script&gt;',
],
'Susceptible email with spam protection' => [
'<f:uri.email email="\"><script>alert(\'email\')</script>" />',
1,
'javascript:linkTo_UnCryptMailto(%27nbjmup%2B%5Cu0022%5Cu003E%5Cu003Ctdsjqu%5Cu003Ebmfsu%28%5Cu0027fnbjm%5Cu0027%29%5Cu003C0tdsjqu%5Cu003E%27,-1);',
],
];
}
/**
* @test
* @dataProvider renderEncodesEmailInFrontendDataProvider
*/
public function renderEncodesEmailInFrontend(string $template, $spamProtectEmailAddresses, string $expected): void
{
$this->importCSVDataSet(__DIR__ . '/../../Fixtures/pages.csv');
$this->writeSiteConfiguration(
'test',
$this->buildSiteConfiguration(1, '/'),
);
(new ConnectionPool())->getConnectionForTable('sys_template')->insert('sys_template', [
'pid' => 1,
'root' => 1,
'clear' => 1,
'config' => <<<EOT
config.spamProtectEmailAddresses = $spamProtectEmailAddresses
page = PAGE
page.10 = FLUIDTEMPLATE
page.10 {
template = TEXT
template.value = $template
}
EOT
]);
$response = $this->executeFrontendSubRequest((new InternalRequest())->withPageId(1));
self::assertStringContainsString($expected, (string)$response->getBody());
}
}
......@@ -1849,6 +1849,7 @@ return [
'\TYPO3\CMS\Fluid\ViewHelpers\Uri\EmailViewHelper' => [
'restFiles' => [
'Deprecation-95041-DeprecateFuriemailView-helper.rst',
'Breaking-96107-DeprecatedFunctionalityRemoved.rst',
],
],
'TYPO3\CMS\Extbase\Mvc\Controller\ControllerContext' => [
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment