-
Andreas Kienast authored
This patch resets the `window.opener` for the entire TYPO3 backend and loads modules using this only in an authenticated environment. This solves an issue when `window.opener` is accessed and the login or backend were opened from a link, e.g. the password reset mail. Resolves: #91270 Resolves: #91205 Releases: master, 9.5 Change-Id: I83bdbfa7dfb80fbcd92ac4a000a6479aad22a73a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/64394 Tested-by: TYPO3com <noreply@typo3.com> Tested-by: Oliver Hader <oliver.hader@typo3.org> Tested-by: Josef Glatz <josefglatz@gmail.com> Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de> Reviewed-by: Susanne Moog <look@susi.dev> Reviewed-by: Oliver Hader <oliver.hader@typo3.org> Reviewed-by: Josef Glatz <josefglatz@gmail.com> Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
b7a05352