From a8c6b34bdb245b523b081b9be6e3859f32080a63 Mon Sep 17 00:00:00 2001
From: Pierrick Caillon <pierrick.caillon@plan-net.fr>
Date: Tue, 31 Jan 2017 12:30:31 +0100
Subject: [PATCH] [BUGFIX] Wrong computed baseURL with FE editing RTE

Frontend editing button for editing a content now
url encode the return URL. The HTMLAREA baseURL
computation now excludes query parameters and anchor
from the document URL.

Resolves: #79568
Related: #65705
Related: #65608
Releases: master
Change-Id: I57ae5257ab62cff1398a0b2d088fe7ba3b126c76
Reviewed-on: https://review.typo3.org/51489
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Mona Muzaffar <mona.muzaffar@gmx.de>
Tested-by: Mona Muzaffar <mona.muzaffar@gmx.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
---
 typo3/sysext/feedit/Classes/FrontendEditPanel.php               | 2 +-
 .../Public/JavaScript/HTMLArea/Configuration/Config.js          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/typo3/sysext/feedit/Classes/FrontendEditPanel.php b/typo3/sysext/feedit/Classes/FrontendEditPanel.php
index 187d1e1f3636..284f3ba897da 100644
--- a/typo3/sysext/feedit/Classes/FrontendEditPanel.php
+++ b/typo3/sysext/feedit/Classes/FrontendEditPanel.php
@@ -298,7 +298,7 @@ class FrontendEditPanel
     {
         $width = MathUtility::forceIntegerInRange($this->backendUser->getTSConfigVal('options.feedit.popupWidth'), 690, 5000, 690);
         $height = MathUtility::forceIntegerInRange($this->backendUser->getTSConfigVal('options.feedit.popupHeight'), 500, 5000, 500);
-        $onclick = 'vHWin=window.open(' . GeneralUtility::quoteJSvalue($url . '&returnUrl=' . PathUtility::getAbsoluteWebPath(ExtensionManagementUtility::siteRelPath('backend') . 'Resources/Private/Templates/Close.html')) . ',\'FEquickEditWindow\',\'width=' . $width . ',height=' . $height . ',status=0,menubar=0,scrollbars=1,resizable=1\');vHWin.focus();return false;';
+        $onclick = 'vHWin=window.open(' . GeneralUtility::quoteJSvalue($url . '&returnUrl=' . rawurlencode(PathUtility::getAbsoluteWebPath(ExtensionManagementUtility::siteRelPath('backend') . 'Resources/Private/Templates/Close.html'))) . ',\'FEquickEditWindow\',\'width=' . $width . ',height=' . $height . ',status=0,menubar=0,scrollbars=1,resizable=1\');vHWin.focus();return false;';
         return '<a href="#" class="btn btn-default btn-sm ' . htmlspecialchars($additionalClasses) . '" onclick="' . htmlspecialchars($onclick) . '" class="frontEndEditIconLinks">' . $string . '</a>';
     }
 
diff --git a/typo3/sysext/rtehtmlarea/Resources/Public/JavaScript/HTMLArea/Configuration/Config.js b/typo3/sysext/rtehtmlarea/Resources/Public/JavaScript/HTMLArea/Configuration/Config.js
index 272aef43b0fe..1ce0594be987 100644
--- a/typo3/sysext/rtehtmlarea/Resources/Public/JavaScript/HTMLArea/Configuration/Config.js
+++ b/typo3/sysext/rtehtmlarea/Resources/Public/JavaScript/HTMLArea/Configuration/Config.js
@@ -57,7 +57,7 @@ define(['TYPO3/CMS/Rtehtmlarea/HTMLArea/UserAgent/UserAgent',
 				this.baseURL = document.URL;
 			}
 		}
-		if (this.baseURL && this.baseURL.match(/(.*\:\/\/.*\/)[^\/]*/)) {
+		if (this.baseURL && this.baseURL.match(/(.*\:\/\/[^?#]*\/)[^\/]*/)) {
 			this.baseURL = RegExp.$1;
 		}
 			// URL-s
-- 
GitLab