From df4b0966e77e46e83983245322f3d652c768f1ee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stephan=20Gro=C3=9Fberndt?= <stephan@grossberndt.de>
Date: Fri, 8 Dec 2017 15:38:44 +0100
Subject: [PATCH] [BUGFIX] Access Close.html from Resources/Public/Html/
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Clicking the close button in an editing popup accesses Close.html in
Resources/Public/Html/ which is a folder accessible by a web user
instead of Resources/Private/Templates/ which led to a HTTP 403 error
on closing the popup.

Releases: master, 8.7, 7.6
Resolves: #83258
Related: #68108
Change-Id: Ibe7e328936240df436a3c9585e53122f1577dc6e
Reviewed-on: https://review.typo3.org/54993
Reviewed-by: Stephan Großberndt <stephan@grossberndt.de>
Tested-by: Stephan Großberndt <stephan@grossberndt.de>
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
Tested-by: Susanne Moog <susanne.moog@typo3.org>
Reviewed-by: Susanne Moog <susanne.moog@typo3.org>
---
 .../Classes/Controller/EditDocumentController.php |  9 +++++----
 .../Resources/Private/Templates/Close.html        |  4 ++--
 .../backend/Resources/Public/Html/Close.html      | 15 +++++++++++++++
 typo3/sysext/feedit/Classes/FrontendEditPanel.php |  4 ++--
 4 files changed, 24 insertions(+), 8 deletions(-)
 create mode 100644 typo3/sysext/backend/Resources/Public/Html/Close.html

diff --git a/typo3/sysext/backend/Classes/Controller/EditDocumentController.php b/typo3/sysext/backend/Classes/Controller/EditDocumentController.php
index 8ad2982a6140..4ce2274088b2 100644
--- a/typo3/sysext/backend/Classes/Controller/EditDocumentController.php
+++ b/typo3/sysext/backend/Classes/Controller/EditDocumentController.php
@@ -36,6 +36,7 @@ use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Core\Utility\HttpUtility;
 use TYPO3\CMS\Core\Utility\MathUtility;
+use TYPO3\CMS\Core\Utility\PathUtility;
 use TYPO3\CMS\Extbase\SignalSlot\Dispatcher;
 use TYPO3\CMS\Frontend\Page\PageRepository;
 
@@ -1522,7 +1523,7 @@ class EditDocumentController extends AbstractModule
      */
     public function shortCutLink()
     {
-        if ($this->returnUrl !== ExtensionManagementUtility::extRelPath('backend') . 'Resources/Private/Templates/Close.html') {
+        if ($this->returnUrl !== GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Public/Html/Close.html')) {
             $shortCutButton = $this->moduleTemplate->getDocHeaderComponent()->getButtonBar()->makeShortcutButton();
             $shortCutButton->setModuleName($this->MCONF['name'])
                 ->setGetVariables([
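Review bot: The new condition compares `$this->returnUrl` with the absolute filesystem path returned by `GeneralUtility::getFileAbsFileName(...)`, but the value that `openInNewWindowLink` in the next hunk puts into `returnUrl` is `PathUtility::getAbsoluteWebPath($closeUrl)`, a web path. Unless both helpers yield the same string on a given installation, the comparison can no longer match and the shortcut button is also rendered when the return target is the close page; the `$this->returnUrl !== $closeUrl` line of the next hunk has the same mismatch. Suggested in both places: `$closeUrl = PathUtility::getAbsoluteWebPath(GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Public/Html/Close.html'));` and compare `$this->returnUrl` against that same `$closeUrl`. Both `shortCutLink` and `openInNewWindowLink` continue past their hunks.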
@@ -1543,10 +1544,10 @@ class EditDocumentController extends AbstractModule
      */
     public function openInNewWindowLink()
     {
-        $backendRelPath = ExtensionManagementUtility::extRelPath('backend');
-        if ($this->returnUrl !== $backendRelPath . 'Resources/Private/Templates/Close.html') {
+        $closeUrl = GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Public/Html/Close.html');
+        if ($this->returnUrl !== $closeUrl) {
             $aOnClick = 'vHWin=window.open(' . GeneralUtility::quoteJSvalue(GeneralUtility::linkThisScript(
-                ['returnUrl' => $backendRelPath . 'Resources/Private/Templates/Close.html']
+                ['returnUrl' => PathUtility::getAbsoluteWebPath($closeUrl)]
             ))
                 . ','
                 . GeneralUtility::quoteJSvalue(md5($this->R_URI))
diff --git a/typo3/sysext/backend/Resources/Private/Templates/Close.html b/typo3/sysext/backend/Resources/Private/Templates/Close.html
index e5fbc77bef0b..5a0cfc59ebc8 100644
--- a/typo3/sysext/backend/Resources/Private/Templates/Close.html
+++ b/typo3/sysext/backend/Resources/Private/Templates/Close.html
@@ -2,7 +2,7 @@
 <html>
 	<head>
 		<!-- Close script, used in particular by FormEngine to close the current edit window -->
-		<!-- TYPO3 Script ID: typo3/sysext/backend/Resources/Private/Templates/close.html -->
+		<!-- TYPO3 Script ID: typo3/sysext/backend/Resources/Private/Templates/Close.html -->
 		<meta charset="utf-8" />
 		<title>Close</title>
 		<script type="text/javascript">
@@ -12,4 +12,4 @@
 	</head>
 	<body>
 	</body>
-</html>
\ No newline at end of file
+</html>
diff --git a/typo3/sysext/backend/Resources/Public/Html/Close.html b/typo3/sysext/backend/Resources/Public/Html/Close.html
new file mode 100644
index 000000000000..1a4faf689b96
--- /dev/null
+++ b/typo3/sysext/backend/Resources/Public/Html/Close.html
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<!-- Close script, used in particular by FormEngine to close the current edit window -->
+		<!-- TYPO3 Script ID: typo3/sysext/backend/Resources/Public/Html/Close.html -->
+		<meta charset="utf-8" />
+		<title>Close</title>
+		<script type="text/javascript">
+			self.close();
+			window.opener.location.reload(true);
+		</script>
+	</head>
+	<body>
+	</body>
+</html>
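Review bot: `window.opener.location.reload(true);` throws a TypeError when the page is loaded without an opener, which becomes an ordinary case now that the file lives under the web-accessible `Resources/Public/Html/` folder and can be requested directly; guard it with `if (window.opener) { window.opener.location.reload(true); }`. Calling `self.close()` first is harmless here because a script-closed window still finishes the current script, but the guard keeps the console clean on a direct request.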
diff --git a/typo3/sysext/feedit/Classes/FrontendEditPanel.php b/typo3/sysext/feedit/Classes/FrontendEditPanel.php
index 51687dea5e52..1ca8675f4c4f 100644
--- a/typo3/sysext/feedit/Classes/FrontendEditPanel.php
+++ b/typo3/sysext/feedit/Classes/FrontendEditPanel.php
@@ -19,9 +19,9 @@ use TYPO3\CMS\Core\Database\DatabaseConnection;
 use TYPO3\CMS\Core\Imaging\Icon;
 use TYPO3\CMS\Core\Imaging\IconFactory;
 use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation;
-use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Core\Utility\MathUtility;
+use TYPO3\CMS\Core\Utility\PathUtility;
 use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController;
 use TYPO3\CMS\Frontend\View\AdminPanelView;
 
@@ -304,7 +304,7 @@ class FrontendEditPanel
      */
     protected function editPanelLinkWrap_doWrap($string, $url, $additionalClasses = '')
     {
-        $onclick = 'vHWin=window.open(' . GeneralUtility::quoteJSvalue($url . '&returnUrl=' . rawurlencode(ExtensionManagementUtility::extRelPath('backend') . 'Resources/Private/Templates/Close.html')) . ',\'FEquickEditWindow\',\'width=690,height=500,status=0,menubar=0,scrollbars=1,resizable=1\');vHWin.focus();return false;';
+        $onclick = 'vHWin=window.open(' . GeneralUtility::quoteJSvalue($url . '&returnUrl=' . rawurlencode(PathUtility::getAbsoluteWebPath(GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Public/Html/Close.html')))) . ',\'FEquickEditWindow\',\'width=690,height=500,status=0,menubar=0,scrollbars=1,resizable=1\');vHWin.focus();return false;';
         return '<a href="#" class="btn btn-default btn-sm ' . htmlspecialchars($additionalClasses) . '" onclick="' . htmlspecialchars($onclick) . '" class="frontEndEditIconLinks">' . $string . '</a>';
     }
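Review bot: The rewritten `$onclick` line nests three calls inside a roughly 300-character string expression, which hides the one value that changed in this commit, the return URL; hoist it into a local first: `$closeUrl = PathUtility::getAbsoluteWebPath(GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Public/Html/Close.html'));` and use `rawurlencode($closeUrl)` inside the string. The literal `'EXT:backend/Resources/Public/Html/Close.html'` is now spelled out here and twice more in EditDocumentController; a single shared constant would keep the three call sites in step if the file moves again.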
 
-- 
GitLab