[BUGFIX] AddController: RemoveXSS on REQUEST_URI

sanitizeLocalUrl() fails to compare returnUrl value if the TCA column of a field type "select" contains configuration keys like "itemListStyle" or "selectedListStyle".

In "AddController", using RemoveXSS on request_uri before assigning the returnUrl parameter, the comparison of the params of returnUrl will match on the backlink generation used to close the editForm. If returnUrl contains a string with "style" in it, it will be processed in the same manner by sanitizeLocalUrl. So the backlink of the editForm will not be dummy.php.

Change-Id: I5f3282766fe6cf9cae24f70d7f979ce4be004d5f
Resolves: #48096
Releases: master
Reviewed-on: http://review.typo3.org/20680
Reviewed-by: Benjamin Mack <benni@typo3.org>
Tested-by: Benjamin Mack <benni@typo3.org>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>