[!!!][TASK] Remove Frontend Track User functionality
The functionality "ftu" ("Frontend Track User"), which allows
to send the session through GET parameter within the site
has been removed.
It was used to hand in a session via `config.ftu = 1` and
the GET parameter "ftu=a-32-character-string", which then
started a session which was added to any link generated.
This way, sessions could _have_ been transferred across
domains but only if cookies would not be activated by
the browser, which is unreliable.
In order to pave the way to modern standards (OTP
or JWT), this functionality is removed, as the ftu functionality
has some flaws, conceptually and security wise.
Removed public properties
* AbstractUserAuthentication->get_name
* AbstractUserAuthentication->getFallBack
* AbstractUserAuthentication->getMethodEnabled
* AbstractUserAuthentication->get_URL_ID
* TypoScriptFrontendController->getMethodUrlIdToken
Removed TypoScript:
* config.ftu = 1
Removed TYPO3_CONF_VARS
* $TYPO3_CONF_VARS[FE][get_url_id_token]
GET Parameter "ftu" has no special meaning anymore.
Resolves: #88458
Releases: master
Change-Id: I664be44228b2180909f6abfda8acfcd5fe36aa5a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60840
Tested-by: 
Markus Klein <markus.klein@typo3.org>
Tested-by: 
TYPO3com <noreply@typo3.com>
Tested-by: 
Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Showing
- typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php 7 additions, 54 deletions...ore/Classes/Authentication/AbstractUserAuthentication.php
- typo3/sysext/core/Configuration/DefaultConfiguration.php 0 additions, 1 deletiontypo3/sysext/core/Configuration/DefaultConfiguration.php
- typo3/sysext/core/Configuration/DefaultConfigurationDescription.yaml 0 additions, 3 deletions...t/core/Configuration/DefaultConfigurationDescription.yaml
- typo3/sysext/core/Documentation/Changelog/master/Breaking-88458-RemovedFrontendTrackUserFtuFunctionality.rst 51 additions, 0 deletions...eaking-88458-RemovedFrontendTrackUserFtuFunctionality.rst
- typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php 1 addition, 8 deletions...end/Classes/Authentication/FrontendUserAuthentication.php
- typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php 0 additions, 29 deletions...ntend/Classes/Controller/TypoScriptFrontendController.php
- typo3/sysext/frontend/Classes/Page/CacheHashCalculator.php 1 addition, 1 deletiontypo3/sysext/frontend/Classes/Page/CacheHashCalculator.php
- typo3/sysext/install/Classes/Service/SilentConfigurationUpgradeService.php 2 additions, 0 deletions...all/Classes/Service/SilentConfigurationUpgradeService.php
- typo3/sysext/install/Configuration/ExtensionScanner/Php/ArrayDimensionMatcher.php 5 additions, 0 deletions...figuration/ExtensionScanner/Php/ArrayDimensionMatcher.php
- typo3/sysext/install/Configuration/ExtensionScanner/Php/PropertyPublicMatcher.php 25 additions, 0 deletions...figuration/ExtensionScanner/Php/PropertyPublicMatcher.php
- typo3/sysext/t3editor/Resources/Private/tsref.xml 0 additions, 11 deletionstypo3/sysext/t3editor/Resources/Private/tsref.xml
- typo3/sysext/t3editor/Resources/Public/JavaScript/Mode/typoscript/typoscript.js 0 additions, 1 deletion...Resources/Public/JavaScript/Mode/typoscript/typoscript.js
Please register or sign in to comment