From 8ddd3629ca66e41c15d03881197bb6589c2574ba Mon Sep 17 00:00:00 2001
From: Oliver Bartsch <bo@cedev.de>
Date: Sun, 3 Mar 2024 13:39:54 +0100
Subject: [PATCH] [TASK] Apply preg_replace over str_replace for splitted
bparams string
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Resolves: #103254
Releases: main
Change-Id: Ibdba6d76507c0889d42e7d42247f22eebaecbd1e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/83181
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Jochen Roth <rothjochen@gmail.com>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Oliver Bartsch <bo@cedev.de>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Jochen Roth <rothjochen@gmail.com>
---
typo3/sysext/filelist/Classes/ElementBrowser/FileBrowser.php | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/typo3/sysext/filelist/Classes/ElementBrowser/FileBrowser.php b/typo3/sysext/filelist/Classes/ElementBrowser/FileBrowser.php
index 4e90ce79f065..32ed8ce5f0b5 100644
--- a/typo3/sysext/filelist/Classes/ElementBrowser/FileBrowser.php
+++ b/typo3/sysext/filelist/Classes/ElementBrowser/FileBrowser.php
@@ -61,8 +61,8 @@ class FileBrowser extends AbstractResourceBrowser
$this->searchWord = trim((string)($request->getParsedBody()['searchTerm'] ?? $request->getQueryParams()['searchTerm'] ?? ''));
$fileExtensions = GeneralUtility::trimExplode('~', explode('|', $this->bparams)[3], true);
- $allowed = str_replace('allowed=', '', $fileExtensions[0] ?? '');
- $disallowed = str_replace('disallowed=', '', $fileExtensions[1] ?? '');
+ $allowed = preg_replace('/^allowed=/', '', $fileExtensions[0] ?? '', 1);
+ $disallowed = preg_replace('/^disallowed=/', '', $fileExtensions[1] ?? '', 1);
$this->fileExtensionFilter = GeneralUtility::makeInstance(FileExtensionFilter::class);
if ($allowed !== '' && !str_contains($allowed, 'sys_file') && !str_contains($allowed, '*')) {
--
GitLab