[BUGFIX] Felogin allows redirect to any site
With #86219 the migration from sys_domain records to Sites was faulty. Formerly all known domain records were inspected in order to decide whether a domain was local or not. This was changed to an invalid check covering the current site only. This change now again validates all known sites. Resolves: #92626 Related: #86219 Releases: master, 10.4, 9.5 Change-Id: I2ce4dc0e8891ee2b438c42d20fff10428fafa7e9 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/66227 Tested-by:TYPO3com <noreply@typo3.com> Tested-by:
Helmut Hummel <typo3@helhum.io> Tested-by:
Georg Ringer <georg.ringer@gmail.com> Reviewed-by:
Showing
- typo3/sysext/felogin/Classes/Redirect/RedirectModeHandler.php 1 addition, 2 deletions...3/sysext/felogin/Classes/Redirect/RedirectModeHandler.php
- typo3/sysext/felogin/Classes/Redirect/ServerRequestHandler.php 1 addition, 2 deletions.../sysext/felogin/Classes/Redirect/ServerRequestHandler.php
- typo3/sysext/felogin/Classes/Validation/RedirectUrlValidator.php 6 additions, 15 deletions...ysext/felogin/Classes/Validation/RedirectUrlValidator.php
- typo3/sysext/felogin/Tests/Unit/Validation/RedirectUrlValidatorTest.php 22 additions, 5 deletions...elogin/Tests/Unit/Validation/RedirectUrlValidatorTest.php
Please register or sign in to comment