diff --git a/typo3/sysext/core/Documentation/Changelog/12.0/Breaking-98488-TypolinkOptionAddQueryStringOnlyIncludesResolvedQueryArguments.rst b/typo3/sysext/core/Documentation/Changelog/12.0/Breaking-98488-TypolinkOptionAddQueryStringOnlyIncludesResolvedQueryArguments.rst
new file mode 100644
index 0000000000000000000000000000000000000000..a12830d42d367d119f513980d2cfbf0be1e82929
--- /dev/null
+++ b/typo3/sysext/core/Documentation/Changelog/12.0/Breaking-98488-TypolinkOptionAddQueryStringOnlyIncludesResolvedQueryArguments.rst
@@ -0,0 +1,49 @@
+.. include:: /Includes.rst.txt
+
+.. _breaking-98488-1664578695:
+
+==========================================================================================
+Breaking: #98488 - Typolink option "addQueryString" only includes resolved query arguments
+==========================================================================================
+
+See :issue:`98488`
+
+Description
+===========
+
+The Typolink option :typoscript:`typolink.addQueryString` previously set all given
+GET parameters to a generated URL that were handed in to the request.
+
+This option is also used under the hood for the Fluid ViewHelpers
+:html:`<f:link.typolink>` and :html:`<f:uri.typolink>`.
+
+With TYPO3 v9 and Routing, this option now only adds the query arguments that
+have been resolved during the Routing process. This way, additional query arguments
+are never added by default.
+
+
+Impact
+======
+
+Setting :typoscript:`typolink.addQueryString = 1` now adds only arguments resolved
+by Route Enhancers, any other query arguments are rejected.
+
+
+Affected installations
+======================
+
+TYPO3 installations relying on `typolink.addQueryString`.
+
+
+Migration
+=========
+
+It is recommended to keep the setting as is, as TYPO3 can identify valid query arguments
+via Routing.
+
+However, to ensure the previous behaviour, the option :typoscript:`typolink.addQueryString` can be set to `untrusted` to add all given.
+
+The same value is also possible for the Fluid ViewHelpers
+:html:`<f:link.typolink>` and :html:`<f:uri.typolink>`.
+
+.. index:: Fluid, TypoScript, NotScanned, ext:frontend
\ No newline at end of file
diff --git a/typo3/sysext/core/Documentation/Changelog/12.0/Deprecation-98488-ContentObjectRenderer-getQueryArguments.rst b/typo3/sysext/core/Documentation/Changelog/12.0/Deprecation-98488-ContentObjectRenderer-getQueryArguments.rst
new file mode 100644
index 0000000000000000000000000000000000000000..4aba1229a60d97861e22ede5b6f52a0b4287531a
--- /dev/null
+++ b/typo3/sysext/core/Documentation/Changelog/12.0/Deprecation-98488-ContentObjectRenderer-getQueryArguments.rst
@@ -0,0 +1,36 @@
+.. include:: /Includes.rst.txt
+
+.. _deprecation-98488-1664576976:
+
+==============================================================
+Deprecation: #98488 - ContentObjectRenderer->getQueryArguments
+==============================================================
+
+See :issue:`98488`
+
+Description
+===========
+
+The public method :php:`ContentObjectRenderer->getQueryArguments()` has been
+marked as deprecated.
+
+
+Impact
+======
+
+Calling the method directly via PHP will trigger a PHP deprecation warning.
+
+
+Affected installations
+======================
+
+TYPO3 installations with custom third-party extensions calling this method directly,
+which is highly unlikely.
+
+
+Migration
+=========
+
+Use LinkFactory directly to create links with the typolink configuration option :typoscript:`typolink.addQueryString = untrusted` to create links with the same behaviour.
+
+.. index:: Frontend, TypoScript, FullyScanned, ext:frontend
\ No newline at end of file
diff --git a/typo3/sysext/core/Documentation/Changelog/12.0/Feature-98488-AdditionalSettingForTypolinkOptionAddQueryString.rst b/typo3/sysext/core/Documentation/Changelog/12.0/Feature-98488-AdditionalSettingForTypolinkOptionAddQueryString.rst
new file mode 100644
index 0000000000000000000000000000000000000000..14144c828b2a9b5bbc068e0cdb2692635ba17a9f
--- /dev/null
+++ b/typo3/sysext/core/Documentation/Changelog/12.0/Feature-98488-AdditionalSettingForTypolinkOptionAddQueryString.rst
@@ -0,0 +1,26 @@
+.. include:: /Includes.rst.txt
+
+.. _feature-98488-1664578785:
+
+=========================================================================
+Feature: #98488 - Additional setting for Typolink option "addQueryString"
+=========================================================================
+
+See :issue:`98488`
+
+Description
+===========
+
+The Typolink option :typoscript:`typolink.addQueryString` now also accepts the value `untrusted` to be used to retrieve all GET parameters of the current request.
+
+This value can also used under the hood for the Fluid ViewHelpers
+:html:`<f:link.typolink>` and :html:`<f:uri.typolink>`.
+
+
+Impact
+======
+
+Setting :typoscript:`typolink.addQueryString = untrusted` adds any given query parameters
+just as it was done in TYPO3 v11 when using :typoscript:`typolink.addQueryString = 1`.
+
+.. index:: Fluid, TypoScript, ext:frontend
\ No newline at end of file
diff --git a/typo3/sysext/fluid/Classes/ViewHelpers/Link/TypolinkViewHelper.php b/typo3/sysext/fluid/Classes/ViewHelpers/Link/TypolinkViewHelper.php
index 7a0889d54bcd7e1e4291a49fa474e20dfb66ed30..a2e72d08e275fe7ba1fb5eb360b1d8cd8a6317ca 100644
--- a/typo3/sysext/fluid/Classes/ViewHelpers/Link/TypolinkViewHelper.php
+++ b/typo3/sysext/fluid/Classes/ViewHelpers/Link/TypolinkViewHelper.php
@@ -106,7 +106,7 @@ final class TypolinkViewHelper extends AbstractViewHelper
$this->registerArgument('language', 'string', 'link to a specific language - defaults to the current language, use a language ID or "current" to enforce a specific language', false);
$this->registerArgument('additionalParams', 'string', 'Additional query parameters to be attached to the resulting URL', false, '');
$this->registerArgument('additionalAttributes', 'array', 'Additional tag attributes to be added directly to the resulting HTML tag', false, []);
- $this->registerArgument('addQueryString', 'bool', 'If set, the current query parameters will be kept in the URL', false, false);
+ $this->registerArgument('addQueryString', 'string', 'If set, the current query parameters will be kept in the URL. If set to "untrusted", then ALL query parameters will be added. Be aware, that this might lead to problems when the generated link is cached.', false, false);
$this->registerArgument('addQueryStringExclude', 'string', 'Define parameters to be excluded from the query string (only active if addQueryString is set)', false, '');
$this->registerArgument('absolute', 'bool', 'Ensure the resulting URL is an absolute URL', false, false);
$this->registerArgument('parts-as', 'string', 'Variable name containing typoLink parts (if any)', false, 'typoLinkParts');
@@ -157,7 +157,7 @@ final class TypolinkViewHelper extends AbstractViewHelper
if (isset($arguments['language']) && $arguments['language'] !== null) {
$instructions['language'] = $arguments['language'];
}
- if ($addQueryString) {
+ if ($addQueryString && $addQueryString !== 'false') {
$instructions['addQueryString'] = $addQueryString;
$instructions['addQueryString.'] = [
'exclude' => $addQueryStringExclude,
diff --git a/typo3/sysext/fluid/Classes/ViewHelpers/Uri/TypolinkViewHelper.php b/typo3/sysext/fluid/Classes/ViewHelpers/Uri/TypolinkViewHelper.php
index 993df53c8245338b4baa0210d2c724ba2292602e..681dd29ad1a14d2da174fd51da6d8bb0f2f9e2cc 100644
--- a/typo3/sysext/fluid/Classes/ViewHelpers/Uri/TypolinkViewHelper.php
+++ b/typo3/sysext/fluid/Classes/ViewHelpers/Uri/TypolinkViewHelper.php
@@ -67,7 +67,7 @@ final class TypolinkViewHelper extends AbstractViewHelper
$this->registerArgument('parameter', 'string', 'stdWrap.typolink style parameter string', true);
$this->registerArgument('additionalParams', 'string', 'stdWrap.typolink additionalParams', false, '');
$this->registerArgument('language', 'string', 'link to a specific language - defaults to the current language, use a language ID or "current" to enforce a specific language', false);
- $this->registerArgument('addQueryString', 'bool', 'If set, the current query parameters will be kept in the URL', false, false);
+ $this->registerArgument('addQueryString', 'string', 'If set, the current query parameters will be kept in the URL. If set to "untrusted", then ALL query parameters will be added. Be aware, that this might lead to problems when the generated link is cached.', false, false);
$this->registerArgument('addQueryStringExclude', 'string', 'Define parameters to be excluded from the query string (only active if addQueryString is set)', false, '');
$this->registerArgument('absolute', 'bool', 'Ensure the resulting URL is an absolute URL', false, false);
}
@@ -101,7 +101,7 @@ final class TypolinkViewHelper extends AbstractViewHelper
if (isset($arguments['language']) && $arguments['language'] !== null) {
$instructions['language'] = $arguments['language'];
}
- if ($addQueryString) {
+ if ($addQueryString && $addQueryString !== 'false') {
$instructions['addQueryString'] = $addQueryString;
$instructions['addQueryString.'] = [
'exclude' => $addQueryStringExclude,
diff --git a/typo3/sysext/fluid/Tests/Functional/ViewHelpers/Link/TypolinkViewHelperTest.php b/typo3/sysext/fluid/Tests/Functional/ViewHelpers/Link/TypolinkViewHelperTest.php
index 50e5f552870e51d539a1f9382691895f14f11dc9..985fbe03f7519cb107c95972f125565007a80a2a 100644
--- a/typo3/sysext/fluid/Tests/Functional/ViewHelpers/Link/TypolinkViewHelperTest.php
+++ b/typo3/sysext/fluid/Tests/Functional/ViewHelpers/Link/TypolinkViewHelperTest.php
@@ -43,11 +43,11 @@ class TypolinkViewHelperTest extends FunctionalTestCase
'<a href="/en/">This is a testlink</a>',
],
'link: with add query string' => [
- '<f:link.typolink parameter="1" addQueryString="true">This is a testlink</f:link.typolink>',
+ '<f:link.typolink parameter="1" addQueryString="untrusted">This is a testlink</f:link.typolink>',
'<a href="/en/?foo=bar&temp=test&cHash=286759dfcd3f566fa21091a0d77e9831">This is a testlink</a>',
],
'link: with add query string and exclude' => [
- '<f:link.typolink parameter="1" addQueryString="true" addQueryStringExclude="temp">This is a testlink</f:link.typolink>',
+ '<f:link.typolink parameter="1" addQueryString="untrusted" addQueryStringExclude="temp">This is a testlink</f:link.typolink>',
'<a href="/en/?foo=bar&cHash=afa4b37588ab917af3cfe2cd4464029d">This is a testlink</a>',
],
't3://url link: default' => [
@@ -55,11 +55,11 @@ class TypolinkViewHelperTest extends FunctionalTestCase
'<a href="https://example.org?param=1">This is a testlink</a>',
],
't3://url link: with add query string' => [
- '<f:link.typolink parameter="t3://url?url=https://example.org?param=1&other=dude" addQueryString="true">This is a testlink</f:link.typolink>',
+ '<f:link.typolink parameter="t3://url?url=https://example.org?param=1&other=dude" addQueryString="untrusted">This is a testlink</f:link.typolink>',
'<a href="https://example.org?param=1">This is a testlink</a>',
],
't3://url link: with add query string and exclude' => [
- '<f:link.typolink parameter="t3://url?url=https://example.org?param=1&other=dude" addQueryString="true" addQueryStringExclude="temp">This is a testlink</f:link.typolink>',
+ '<f:link.typolink parameter="t3://url?url=https://example.org?param=1&other=dude" addQueryString="untrusted" addQueryStringExclude="temp">This is a testlink</f:link.typolink>',
'<a href="https://example.org?param=1">This is a testlink</a>',
],
'mailto: link: default' => [
@@ -67,11 +67,11 @@ class TypolinkViewHelperTest extends FunctionalTestCase
'<a href="mailto:foo@typo3.org">This is a testlink</a>',
],
'mailto: link: with add query string' => [
- '<f:link.typolink parameter="mailto:foo@typo3.org" addQueryString="true">This is a testlink</f:link.typolink>',
+ '<f:link.typolink parameter="mailto:foo@typo3.org" addQueryString="untrusted">This is a testlink</f:link.typolink>',
'<a href="mailto:foo@typo3.org">This is a testlink</a>',
],
'mailto: link: with add query string and exclude' => [
- '<f:link.typolink parameter="mailto:foo@typo3.org" addQueryString="true" addQueryStringExclude="temp">This is a testlink</f:link.typolink>',
+ '<f:link.typolink parameter="mailto:foo@typo3.org" addQueryString="untrusted" addQueryStringExclude="temp">This is a testlink</f:link.typolink>',
'<a href="mailto:foo@typo3.org">This is a testlink</a>',
],
'http://: link: default' => [
@@ -79,11 +79,11 @@ class TypolinkViewHelperTest extends FunctionalTestCase
'<a href="http://typo3.org/foo/?foo=bar">This is a testlink</a>',
],
'http://: link: with add query string' => [
- '<f:link.typolink parameter="http://typo3.org/foo/?foo=bar" addQueryString="true">This is a testlink</f:link.typolink>',
+ '<f:link.typolink parameter="http://typo3.org/foo/?foo=bar" addQueryString="untrusted">This is a testlink</f:link.typolink>',
'<a href="http://typo3.org/foo/?foo=bar">This is a testlink</a>',
],
'http://: link: with add query string and exclude' => [
- '<f:link.typolink parameter="http://typo3.org/foo/?foo=bar" addQueryString="true" addQueryStringExclude="temp">This is a testlink</f:link.typolink>',
+ '<f:link.typolink parameter="http://typo3.org/foo/?foo=bar" addQueryString="untrusted" addQueryStringExclude="temp">This is a testlink</f:link.typolink>',
'<a href="http://typo3.org/foo/?foo=bar">This is a testlink</a>',
],
'page with complex title and extended parameters' => [
diff --git a/typo3/sysext/fluid/Tests/Functional/ViewHelpers/Uri/TypolinkViewHelperTest.php b/typo3/sysext/fluid/Tests/Functional/ViewHelpers/Uri/TypolinkViewHelperTest.php
index 60881332dbdcd0a04c325b827f85f9c39a48f1f4..a8b2cbb99c5fac58961808b7e4d223861e4fad79 100644
--- a/typo3/sysext/fluid/Tests/Functional/ViewHelpers/Uri/TypolinkViewHelperTest.php
+++ b/typo3/sysext/fluid/Tests/Functional/ViewHelpers/Uri/TypolinkViewHelperTest.php
@@ -54,11 +54,11 @@ class TypolinkViewHelperTest extends FunctionalTestCase
'/en/',
],
'uri: with add query string' => [
- '<f:uri.typolink parameter="1" addQueryString="true" />',
+ '<f:uri.typolink parameter="1" addQueryString="untrusted" />',
'/en/?foo=bar&temp=test&cHash=286759dfcd3f566fa21091a0d77e9831',
],
'uri: with add query string and exclude' => [
- '<f:uri.typolink parameter="1" addQueryString="true" addQueryStringExclude="temp" />',
+ '<f:uri.typolink parameter="1" addQueryString="untrusted" addQueryStringExclude="temp" />',
'/en/?foo=bar&cHash=afa4b37588ab917af3cfe2cd4464029d',
],
't3://url uri: default' => [
@@ -66,11 +66,11 @@ class TypolinkViewHelperTest extends FunctionalTestCase
'https://example.org?param=1',
],
't3://url uri: with add query string' => [
- '<f:uri.typolink parameter="t3://url?url=https://example.org?param=1&other=dude" addQueryString="true" />',
+ '<f:uri.typolink parameter="t3://url?url=https://example.org?param=1&other=dude" addQueryString="untrusted" />',
'https://example.org?param=1',
],
't3://url uri: with add query string and exclude' => [
- '<f:uri.typolink parameter="t3://url?url=https://example.org?param=1&other=dude" addQueryString="true" addQueryStringExclude="temp" />',
+ '<f:uri.typolink parameter="t3://url?url=https://example.org?param=1&other=dude" addQueryString="untrusted" addQueryStringExclude="temp" />',
'https://example.org?param=1',
],
'mailto: uri: default' => [
@@ -78,11 +78,11 @@ class TypolinkViewHelperTest extends FunctionalTestCase
'mailto:foo@typo3.org',
],
'mailto: uri: with add query string' => [
- '<f:uri.typolink parameter="mailto:foo@typo3.org" addQueryString="true" />',
+ '<f:uri.typolink parameter="mailto:foo@typo3.org" addQueryString="untrusted" />',
'mailto:foo@typo3.org',
],
'mailto: uri: with add query string and exclude' => [
- '<f:uri.typolink parameter="mailto:foo@typo3.org" addQueryString="true" addQueryStringExclude="temp" />',
+ '<f:uri.typolink parameter="mailto:foo@typo3.org" addQueryString="untrusted" addQueryStringExclude="temp" />',
'mailto:foo@typo3.org',
],
'http://: uri: default' => [
@@ -90,11 +90,11 @@ class TypolinkViewHelperTest extends FunctionalTestCase
'http://typo3.org/foo/?foo=bar',
],
'http://: uri: with add query string' => [
- '<f:uri.typolink parameter="http://typo3.org/foo/?foo=bar" addQueryString="true" />',
+ '<f:uri.typolink parameter="http://typo3.org/foo/?foo=bar" addQueryString="untrusted" />',
'http://typo3.org/foo/?foo=bar',
],
'http://: uri: with add query string and exclude' => [
- '<f:uri.typolink parameter="http://typo3.org/foo/?foo=bar" addQueryString="true" addQueryStringExclude="temp" />',
+ '<f:uri.typolink parameter="http://typo3.org/foo/?foo=bar" addQueryString="untrusted" addQueryStringExclude="temp" />',
'http://typo3.org/foo/?foo=bar',
],
];
diff --git a/typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php b/typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php
index 54824de3cb5aaff2590afa02a5805b7350c8d16e..304ec201d9ca52df1febb8e0be2f4d1d672aef7e 100644
--- a/typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php
+++ b/typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php
@@ -4673,9 +4673,11 @@ class ContentObjectRenderer implements LoggerAwareInterface
*
* @param array $conf Configuration
* @return string The URL query part (starting with a &)
+ * @deprecated will be removed in TYPO3 v13.0
*/
public function getQueryArguments($conf)
{
+ trigger_error('Calling ContentObjectRenderer->getQueryArguments() will be removed in TYPO3 v13.0. Use LinkFactory directly to create links', E_USER_DEPRECATED);
$currentQueryArray = $this->getRequest()->getQueryParams();
if ($conf['exclude'] ?? false) {
$excludeString = str_replace(',', '&', $conf['exclude']);
diff --git a/typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php b/typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php
index 6e24edb56773ff6fd187c6929f48618b4cac2c62..a9a9967bb0d9a6d0414ea1f26cb0de4e5f47e02e 100644
--- a/typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php
+++ b/typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php
@@ -1662,7 +1662,7 @@ class TypoScriptFrontendController implements LoggerAwareInterface
}
return GeneralUtility::makeInstance(ContentObjectRenderer::class, $this)->createUrl([
'parameter' => $parameter,
- 'addQueryString' => true,
+ 'addQueryString' => 'untrusted',
'addQueryString.' => ['exclude' => 'id,type'],
'forceAbsoluteUrl' => true,
]);
diff --git a/typo3/sysext/frontend/Classes/Typolink/PageLinkBuilder.php b/typo3/sysext/frontend/Classes/Typolink/PageLinkBuilder.php
index a3c9507206c46c540bb5bc0cc141fc3b98d85c85..74797cc68cc7ffeb4c28c475c654ad2db26dc98c 100644
--- a/typo3/sysext/frontend/Classes/Typolink/PageLinkBuilder.php
+++ b/typo3/sysext/frontend/Classes/Typolink/PageLinkBuilder.php
@@ -33,13 +33,16 @@ use TYPO3\CMS\Core\Exception\SiteNotFoundException;
use TYPO3\CMS\Core\Http\Uri;
use TYPO3\CMS\Core\LinkHandling\LinkService;
use TYPO3\CMS\Core\Routing\InvalidRouteArgumentsException;
+use TYPO3\CMS\Core\Routing\PageArguments;
use TYPO3\CMS\Core\Routing\RouterInterface;
use TYPO3\CMS\Core\Site\Entity\Site;
use TYPO3\CMS\Core\Site\Entity\SiteInterface;
use TYPO3\CMS\Core\Site\Entity\SiteLanguage;
use TYPO3\CMS\Core\Site\SiteFinder;
use TYPO3\CMS\Core\Type\Bitmask\PageTranslationVisibility;
+use TYPO3\CMS\Core\Utility\ArrayUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Core\Utility\HttpUtility;
use TYPO3\CMS\Core\Utility\MathUtility;
use TYPO3\CMS\Core\Utility\RootlineUtility;
use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController;
@@ -219,7 +222,7 @@ class PageLinkBuilder extends AbstractTypolinkBuilder
}
$queryParameters = [];
- $addQueryParams = ($conf['addQueryString'] ?? false) ? $this->contentObjectRenderer->getQueryArguments($conf['addQueryString.'] ?? []) : '';
+ $addQueryParams = ($conf['addQueryString'] ?? false) ? $this->getQueryArguments($conf['addQueryString'], $conf['addQueryString.'] ?? []) : '';
$addQueryParams .= trim((string)$this->contentObjectRenderer->stdWrapValue('additionalParams', $conf));
if ($addQueryParams === '&' || ($addQueryParams[0] ?? '') !== '&') {
$addQueryParams = '';
@@ -718,6 +721,42 @@ class PageLinkBuilder extends AbstractTypolinkBuilder
}
}
+ /**
+ * Gets the query arguments and assembles them for URLs.
+ * By default, only the resolved query arguments from the route are used, using "untrusted" as $queryInformation
+ * allows to also include ANY query parameter - use with care.
+ *
+ * Arguments may be removed or set, depending on configuration.
+ *
+ * @param bool|string|int $queryInformation is set to "1", "true", "0", "false" or "untrusted"
+ * @param array $configuration Configuration
+ * @return string The URL query part (starting with a &) or empty
+ */
+ protected function getQueryArguments(bool|string|int $queryInformation, array $configuration): string
+ {
+ if (!$queryInformation || $queryInformation === 'false') {
+ return '';
+ }
+ $request = $this->contentObjectRenderer->getRequest();
+ $pageArguments = $request->getAttribute('routing');
+ if (!$pageArguments instanceof PageArguments) {
+ return '';
+ }
+ $currentQueryArray = $pageArguments->getRouteArguments();
+ if ($queryInformation === 'untrusted') {
+ $currentQueryArray = array_replace_recursive($pageArguments->getQueryArguments(), $currentQueryArray);
+ }
+ if ($configuration['exclude'] ?? false) {
+ $excludeString = str_replace(',', '&', $configuration['exclude']);
+ $excludedQueryParts = [];
+ parse_str($excludeString, $excludedQueryParts);
+ $newQueryArray = ArrayUtility::arrayDiffKeyRecursive($currentQueryArray, $excludedQueryParts);
+ } else {
+ $newQueryArray = $currentQueryArray;
+ }
+ return HttpUtility::buildQueryString($newQueryArray, '&');
+ }
+
/**
* Check if we have a site object in the current request. if null, this usually means that
* this class was called from CLI context.
diff --git a/typo3/sysext/frontend/Tests/Unit/ContentObject/ContentObjectRendererTest.php b/typo3/sysext/frontend/Tests/Unit/ContentObject/ContentObjectRendererTest.php
index 2b34fe22246c584669290d41584873b4998590e8..c0896577d55c3020d4a1360ba47faf47b276f1fa 100644
--- a/typo3/sysext/frontend/Tests/Unit/ContentObject/ContentObjectRendererTest.php
+++ b/typo3/sysext/frontend/Tests/Unit/ContentObject/ContentObjectRendererTest.php
@@ -332,50 +332,6 @@ class ContentObjectRendererTest extends UnitTestCase
self::assertNull($object);
}
- /////////////////////////////////////////
- // Tests concerning getQueryArguments()
- /////////////////////////////////////////
- /**
- * @test
- */
- public function getQueryArgumentsExcludesParameters(): void
- {
- $queryParameters = [
- 'key1' => 'value1',
- 'key2' => 'value2',
- 'key3' => [
- 'key31' => 'value31',
- 'key32' => [
- 'key321' => 'value321',
- 'key322' => 'value322',
- ],
- ],
- ];
- $request = new ServerRequest('https://example.com');
- $request = $request->withQueryParams($queryParameters);
- $getQueryArgumentsConfiguration = [];
- $getQueryArgumentsConfiguration['exclude'] = [];
- $getQueryArgumentsConfiguration['exclude'][] = 'key1';
- $getQueryArgumentsConfiguration['exclude'][] = 'key3[key31]';
- $getQueryArgumentsConfiguration['exclude'][] = 'key3[key32][key321]';
- $getQueryArgumentsConfiguration['exclude'] = implode(',', $getQueryArgumentsConfiguration['exclude']);
- $expectedResult = $this->rawUrlEncodeSquareBracketsInUrl('&key2=value2&key3[key32][key322]=value322');
- $this->subject->setRequest($request);
- $actualResult = $this->subject->getQueryArguments($getQueryArgumentsConfiguration);
- self::assertEquals($expectedResult, $actualResult);
- }
-
- /**
- * Encodes square brackets in URL.
- *
- * @param string $string
- * @return string
- */
- private function rawUrlEncodeSquareBracketsInUrl(string $string): string
- {
- return str_replace(['[', ']'], ['%5B', '%5D'], $string);
- }
-
//////////////////////////
// Tests concerning crop
//////////////////////////
diff --git a/typo3/sysext/frontend/Tests/Unit/Typolink/PageLinkBuilderTest.php b/typo3/sysext/frontend/Tests/Unit/Typolink/PageLinkBuilderTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..e54c4ecfa5c61b65c9fc3739f142317899640ad2
--- /dev/null
+++ b/typo3/sysext/frontend/Tests/Unit/Typolink/PageLinkBuilderTest.php
@@ -0,0 +1,76 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 2
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+namespace TYPO3\CMS\Frontend\Tests\Unit\Typolink;
+
+use TYPO3\CMS\Core\Http\ServerRequest;
+use TYPO3\CMS\Core\Routing\PageArguments;
+use TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer;
+use TYPO3\CMS\Frontend\Typolink\PageLinkBuilder;
+use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
+
+/**
+ * Test case
+ */
+class PageLinkBuilderTest extends UnitTestCase
+{
+ /**
+ * @test
+ */
+ public function getQueryArgumentsExcludesParameters(): void
+ {
+ $queryParameters = [
+ 'key1' => 'value1',
+ 'key2' => 'value2',
+ 'key3' => [
+ 'key31' => 'value31',
+ 'key32' => [
+ 'key321' => 'value321',
+ 'key322' => 'value322',
+ ],
+ ],
+ ];
+ $request = new ServerRequest('https://example.com');
+ $request = $request->withQueryParams($queryParameters);
+ $request = $request->withAttribute('routing', new PageArguments(1, '', $queryParameters, [], []));
+ $configuration = [];
+ $configuration['exclude'] = [];
+ $configuration['exclude'][] = 'key1';
+ $configuration['exclude'][] = 'key3[key31]';
+ $configuration['exclude'][] = 'key3[key32][key321]';
+ $configuration['exclude'] = implode(',', $configuration['exclude']);
+ $expectedResult = $this->rawUrlEncodeSquareBracketsInUrl('&key2=value2&key3[key32][key322]=value322');
+ $GLOBALS['TSFE'] = new \stdClass();
+ $cObj = new ContentObjectRenderer();
+ $cObj->setRequest($request);
+ $subject = $this->getAccessibleMock(PageLinkBuilder::class, ['dummy'], [], '', false);
+ $subject->_set('contentObjectRenderer', $cObj);
+ $actualResult = $subject->_call('getQueryArguments', 'untrusted', $configuration);
+ self::assertEquals($expectedResult, $actualResult);
+ }
+
+ /**
+ * Encodes square brackets in URL.
+ *
+ * @param string $string
+ * @return string
+ */
+ private function rawUrlEncodeSquareBracketsInUrl(string $string): string
+ {
+ return str_replace(['[', ']'], ['%5B', '%5D'], $string);
+ }
+}
diff --git a/typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodCallMatcher.php b/typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodCallMatcher.php
index f9ff9b58f2d4e94544980594f9b3205bb425a031..319da8e0d4b6385e4ee1b6b03c7c8e667e40f429 100644
--- a/typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodCallMatcher.php
+++ b/typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodCallMatcher.php
@@ -5358,4 +5358,11 @@ return [
'Deprecation-98479-DeprecatedFileReferenceRelatedFunctionality.rst',
],
],
+ 'TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer->getQueryArguments' => [
+ 'numberOfMandatoryArguments' => 1,
+ 'maximumNumberOfArguments' => 1,
+ 'restFiles' => [
+ 'Deprecation-98488-ContentObjectRenderer-getQueryArguments.rst',
+ ],
+ ],
];