Commit d52baab2 authored by Benni Mack's avatar Benni Mack Committed by Benjamin Franzke
Browse files

[BUGFIX] Do not emit redirect() via PHP but via PSR-7

In order to allow further manipulation of Response objects,
using "throw new ImmediateResponseException" is much
more flexible than calling HttpUtility::redirect() which immediately
stops the PHP process. This way, it is not even possible
for developers to manipulate the response, or even
test this behavior in functional tests with TYPO3 Core.

The change removes all usages of HttpUtility::redirect().
The method will be deprecated at a later stage.

Resolves: #93004
Releases: master
Change-Id: I9bd0db2b2ee0c15b39b38168d67e6d78ba4be2db
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67038


Tested-by: default avatarTYPO3com <noreply@typo3.com>
Tested-by: default avatarDaniel Gorges <daniel.gorges@b13.com>
Tested-by: Benjamin Franzke's avatarBenjamin Franzke <bfr@qbus.de>
Reviewed-by: default avatarDaniel Gorges <daniel.gorges@b13.com>
Reviewed-by: Benjamin Franzke's avatarBenjamin Franzke <bfr@qbus.de>
parent 9b5c52be
......@@ -36,13 +36,14 @@ use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\FormProtection\BackendFormProtection;
use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
use TYPO3\CMS\Core\Http\HtmlResponse;
use TYPO3\CMS\Core\Http\ImmediateResponseException;
use TYPO3\CMS\Core\Http\NormalizedParams;
use TYPO3\CMS\Core\Http\RedirectResponse;
use TYPO3\CMS\Core\Information\Typo3Information;
use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Localization\Locales;
use TYPO3\CMS\Core\Page\PageRenderer;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\HttpUtility;
use TYPO3\CMS\Core\Utility\PathUtility;
use TYPO3\CMS\Fluid\View\StandaloneView;
......@@ -650,7 +651,7 @@ class LoginController implements LoggerAwareInterface
*/
protected function redirectToUrl(): void
{
HttpUtility::redirect($this->redirectToURL);
throw new ImmediateResponseException(new RedirectResponse($this->redirectToURL, 303), 1607271511);
}
/**
......
......@@ -28,13 +28,14 @@ use TYPO3\CMS\Beuser\Service\ModuleDataStorageService;
use TYPO3\CMS\Beuser\Service\UserInformationService;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Context\Context;
use TYPO3\CMS\Core\Http\ImmediateResponseException;
use TYPO3\CMS\Core\Http\RedirectResponse;
use TYPO3\CMS\Core\Messaging\FlashMessage;
use TYPO3\CMS\Core\Pagination\SimplePagination;
use TYPO3\CMS\Core\Session\Backend\HashableSessionBackendInterface;
use TYPO3\CMS\Core\Session\Backend\SessionBackendInterface;
use TYPO3\CMS\Core\Session\SessionManager;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\HttpUtility;
use TYPO3\CMS\Extbase\Http\ForwardResponse;
use TYPO3\CMS\Extbase\Mvc\Controller\ActionController;
use TYPO3\CMS\Extbase\Mvc\Exception\StopActionException;
......@@ -379,7 +380,7 @@ class BackendUserController extends ActionController
$this->eventDispatcher->dispatch($event);
$redirectUrl = 'index.php' . ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] ? '' : '?commandLI=1');
HttpUtility::redirect($redirectUrl);
throw new ImmediateResponseException(new RedirectResponse($redirectUrl, 303), 1607271592);
}
}
......
......@@ -19,8 +19,9 @@ use TYPO3\CMS\Backend\Routing\UriBuilder;
use TYPO3\CMS\Beuser\Domain\Repository\BackendUserSessionRepository;
use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Http\ImmediateResponseException;
use TYPO3\CMS\Core\Http\RedirectResponse;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\HttpUtility;
use TYPO3\CMS\Extbase\Object\ObjectManager;
/**
......@@ -45,7 +46,8 @@ class SwitchBackUserHook
$backendUserSessionRepository->switchBackToOriginalUser($authentication);
/** @var \TYPO3\CMS\Backend\Routing\UriBuilder $uriBuilder */
$uriBuilder = GeneralUtility::makeInstance(UriBuilder::class);
HttpUtility::redirect((string)$uriBuilder->buildUriFromRoute('main'));
$redirectUrl = $uriBuilder->buildUriFromRoute('main');
throw new ImmediateResponseException(new RedirectResponse($redirectUrl, 303), 1607271637);
}
}
......
......@@ -28,6 +28,8 @@ use TYPO3\CMS\Core\Database\Query\Restriction\HiddenRestriction;
use TYPO3\CMS\Core\Database\Query\Restriction\RootLevelRestriction;
use TYPO3\CMS\Core\Database\Query\Restriction\WorkspaceRestriction;
use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
use TYPO3\CMS\Core\Http\ImmediateResponseException;
use TYPO3\CMS\Core\Http\RedirectResponse;
use TYPO3\CMS\Core\Resource\Exception;
use TYPO3\CMS\Core\Resource\Filter\FileNameFilter;
use TYPO3\CMS\Core\Resource\Folder;
......@@ -44,7 +46,6 @@ use TYPO3\CMS\Core\Type\Exception\InvalidEnumerationValueException;
use TYPO3\CMS\Core\TypoScript\Parser\TypoScriptParser;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\HttpUtility;
use TYPO3\CMS\Core\Utility\StringUtility;
use TYPO3\CMS\Core\Versioning\VersionState;
use TYPO3\CMS\Install\Service\SessionService;
......@@ -2342,7 +2343,7 @@ TCAdefaults.sys_note.email = ' . $this->user['email'];
if (empty($this->user['uid'])) {
if ($proceedIfNoUserIsLoggedIn === false) {
$url = GeneralUtility::getIndpEnv('TYPO3_SITE_URL') . TYPO3_mainDir;
HttpUtility::redirect($url);
throw new ImmediateResponseException(new RedirectResponse($url, 303), 1607271747);
}
} else {
// ...and if that's the case, call these functions
......
......@@ -17,10 +17,11 @@ namespace TYPO3\CMS\Tstemplate\Controller;
use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Backend\Routing\UriBuilder;
use TYPO3\CMS\Core\Http\ImmediateResponseException;
use TYPO3\CMS\Core\Http\RedirectResponse;
use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\TypoScript\ExtendedTemplateService;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\HttpUtility;
use TYPO3\CMS\Fluid\View\StandaloneView;
/**
......@@ -154,8 +155,8 @@ class TypoScriptTemplateInformationModuleFunctionController
'id' => $this->id,
'SET[templatesOnPage]' => $newId
];
$url = (string)$uriBuilder->buildUriFromRoute('web_ts', $urlParameters);
HttpUtility::redirect($url);
$url = $uriBuilder->buildUriFromRoute('web_ts', $urlParameters);
throw new ImmediateResponseException(new RedirectResponse($url, 303), 1607271781);
}
if ($existTemplate) {
$lang = $this->getLanguageService();
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment