From ada1c58208fcdb6722759390b73da31c892ee262 Mon Sep 17 00:00:00 2001
From: Benni Mack <benni@typo3.org>
Date: Thu, 13 Feb 2020 16:49:35 +0100
Subject: [PATCH] [TASK] Remove unused special GET parameters

Several ADMCMD_ and  TSFE_ADMIN_PANEL variables
are excluded from cHash, but were never evaluated before.

The GET parameters are removed from setting and calculation
in cacheHash.

Resolves: #90412
Releases: master
Change-Id: I4c6781fca4fd6ccc50bd068f266619b2a2a0cf15
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63236
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
---
 typo3/sysext/frontend/Classes/Page/CacheHashCalculator.php  | 6 ++----
 .../frontend/Tests/Unit/Page/CacheHashCalculatorTest.php    | 1 -
 .../workspaces/Classes/Controller/PreviewController.php     | 4 +---
 3 files changed, 3 insertions(+), 8 deletions(-)

diff --git a/typo3/sysext/frontend/Classes/Page/CacheHashCalculator.php b/typo3/sysext/frontend/Classes/Page/CacheHashCalculator.php
index 8c23a7e7cf70..6422a9085fc8 100644
--- a/typo3/sysext/frontend/Classes/Page/CacheHashCalculator.php
+++ b/typo3/sysext/frontend/Classes/Page/CacheHashCalculator.php
@@ -151,16 +151,14 @@ class CacheHashCalculator implements SingletonInterface
 
     /**
      * Checks whether the given parameter is out of a known data-set starting
-     * with ADMCMD or starts with TSFE_ADMIN_PANEL.
+     * with ADMCMD.
      *
      * @param string $key
      * @return bool
      */
     protected function isAdminPanelParameter($key)
     {
-        return $key === 'ADMCMD_noBeUser' || $key === 'ADMCMD_view' || $key === 'ADMCMD_editIcons'
-            || $key === 'ADMCMD_simUser' || $key === 'ADMCMD_simTime' || $key === 'ADMCMD_prev'
-            || stripos($key, 'TSFE_ADMIN_PANEL') !== false && preg_match('/TSFE_ADMIN_PANEL\\[.*?\\]/', $key);
+        return $key === 'ADMCMD_noBeUser' || $key === 'ADMCMD_simUser' || $key === 'ADMCMD_simTime' || $key === 'ADMCMD_prev';
     }
 
     /**
diff --git a/typo3/sysext/frontend/Tests/Unit/Page/CacheHashCalculatorTest.php b/typo3/sysext/frontend/Tests/Unit/Page/CacheHashCalculatorTest.php
index dc33391bb563..bc10e93a8629 100644
--- a/typo3/sysext/frontend/Tests/Unit/Page/CacheHashCalculatorTest.php
+++ b/typo3/sysext/frontend/Tests/Unit/Page/CacheHashCalculatorTest.php
@@ -163,7 +163,6 @@ class CacheHashCalculatorTest extends UnitTestCase
             'Only the relevant parts should be taken into account' => ['&id=42&key=value&exclude1=val', $knowHash],
             'Only the relevant parts should be taken into account(exclude2 before key)' => ['&id=42&exclude2=val&key=value', $knowHash],
             'System parameters should not be taken into account (except id)' => ['&id=42&type=23&key=value', $knowHash],
-            'Admin panel parameters should not be taken into account' => ['&id=42&TSFE_ADMIN_PANEL[display]=7&key=value', $knowHash],
             'Trivial hash for sorted parameters should be right' => ['&id=42&a=v&b=v', '52c8a1299e20324f90377c43153c4987'],
             'Parameters should be sorted before cHash is created' => ['&id=42&b=v&a=v', '52c8a1299e20324f90377c43153c4987'],
             'Empty argument names are filtered out before cHash calculation' => ['&id=42&b=v&a=v&=dummy', '52c8a1299e20324f90377c43153c4987']
diff --git a/typo3/sysext/workspaces/Classes/Controller/PreviewController.php b/typo3/sysext/workspaces/Classes/Controller/PreviewController.php
index fb4f22bfa53e..cc443d2b2e0e 100644
--- a/typo3/sysext/workspaces/Classes/Controller/PreviewController.php
+++ b/typo3/sysext/workspaces/Classes/Controller/PreviewController.php
@@ -150,16 +150,14 @@ class PreviewController
                 $queryParameters['_language'] = $site->getLanguageById((int)$queryParameters['L']);
                 unset($queryParameters['L']);
             }
+            $parameters = $queryParameters;
             if (!WorkspaceService::isNewPage($this->pageId)) {
-                $parameters = $queryParameters;
                 $parameters['ADMCMD_noBeUser'] = 1;
                 $parameters['ADMCMD_prev'] = 'IGNORE';
                 $liveUrl = (string)$site->getRouter()->generateUri($this->pageId, $parameters);
             }
 
             $parameters = $queryParameters;
-            $parameters['ADMCMD_view'] = 1;
-            $parameters['ADMCMD_editIcons'] = 1;
             $parameters['ADMCMD_prev'] = 'IGNORE';
             $wsUrl = (string)$site->getRouter()->generateUri($this->pageId, $parameters);
         } catch (SiteNotFoundException | InvalidRouteArgumentsException $e) {
-- 
GitLab