[BUGFIX] Fix redirects to access restricted pages
The RedirectService is using typolink to build links to the defined target, e.g. a page. In case the redirect target is an access restricted page and the user is unauthorized, typolink did not build this link and therefore the request resulted in a 404 response. Since unauthorized requests to an access restricted page should always return a 403 status code, the `linkAccessRestrictedPages` option is now set in the typolink configuration. Therefore, the link will be built even if the user is unauthorized and then redirects to the target page where the correct 403 status code is returned. Resolves: #91879 Releases: master, 10.4 Change-Id: Ib82595abb12fae2c5629920d02b08e5e3144301b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67498 Tested-by:TYPO3com <noreply@typo3.com> Tested-by:
Richard Haeser <richard@richardhaeser.com> Tested-by:
Benjamin Franzke <bfr@qbus.de> Reviewed-by:
Markus Klein <markus.klein@typo3.org> Reviewed-by:
Showing
- typo3/sysext/redirects/Classes/Service/RedirectService.php 1 addition, 0 deletionstypo3/sysext/redirects/Classes/Service/RedirectService.php
- typo3/sysext/redirects/Tests/Functional/Service/Fixtures/RedirectToAccessRestrictedPages.xml 31 additions, 0 deletions...onal/Service/Fixtures/RedirectToAccessRestrictedPages.xml
- typo3/sysext/redirects/Tests/Functional/Service/RedirectServiceTest.php 111 additions, 0 deletions...edirects/Tests/Functional/Service/RedirectServiceTest.php
Please register or sign in to comment