[BUGFIX] Consider failed logins for felogin redirect mode 'referer'
The redirect mode `referer` has been fixed with #91844. The fix is however incomplete, since it always uses the current HTTP_REFERER for redirect evaluation. This is problematic, if the login fails due to wrong credentials. In such a scenario, the user is redirected to the login page, which also overwrites the original HTTP_REFERER and results in the user being redirected to the login page after successful login. This patch ensures, that the original HTTP_REFERER is evaluated in the loginAction and passed as a variable to the login form, where it is used in the hidden field `referer`. This ensures, that the initial evaluated referer is kept in the failed login scenario. Resolves: #99920 Related: #91844 Releases: main, 11.5 Signed-off-by:Torben Hansen <derhansen@gmail.com> Change-Id: Ibe572832f443beaa9b1997f767a8777f282038c4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77859 Reviewed-by: Felix Nagel Reviewed-by:
Benni Mack <benni@typo3.org> Tested-by:
core-ci <typo3@b13.com> Tested-by:
Markus Klein <markus.klein@typo3.org> Tested-by:
Thomas Hohn <tho@gyldendal.dk>
Showing
Please register or sign in to comment