-
When a HMAC of a submitted form is invalid, TYPO3 throws a BadRequestException which is logged to sys_log and logfiles. Those invalid HMAC validation errors occur when the values of the hidden fields tx_extension[__trustedProperties] (extbase) or tx_form_formframework[form-id][__state] (ext:form) are manipulated. Since a TYPO3 site owner has no reasonable possibility to prevent tampered form submissions and in order to keep logs clean from errors due to illegal requests, the exceptions are now not logged any more. Resolves: #93667 Related: #90134 Releases: master, 10.4, 9.5 Change-Id: Icc9b209b29c9624c03e6b4e6689b8242a02ef349 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/68857 Tested-by:
core-ci <typo3@b13.com>
Tested-by: 
Oliver Bartsch <bo@cedev.de>
Tested-by: Benni Mack <benni@typo3.org> Reviewed-by:
Oliver Bartsch <bo@cedev.de>
Reviewed-by: 10913600
