From dfdfc9c91c524523ca1ae7f0738d48db02f3cc1c Mon Sep 17 00:00:00 2001 
From: Helmut Hummel <helmut.hummel@typo3.org>
Date: Sun, 6 Sep 2015 16:49:21 +0200
Subject: [PATCH] [TASK] Remove redundant CSRF protection tokens and deprecate used methods

The CSRF tokens for edit document and tce actions were introduced, to protect these entry scripts. Since the entry scripts are removed now and any entry point is protected with a CSRF token by default, we do not need these additional tokens any more. The helper methods can now also be deprecated and the check for the tokens is removed in the controllers. Please note that in the deprecated.php the tokens still must be checked, as third party modules still might generate URLs to the old entry scripts and we want to have this deprecated entry point still be protected.

Resolves: #69562
Releases: master
Change-Id: I9df443c7fcb4c7db4f7f682d3643b780480ed5de
Reviewed-on: http://review.typo3.org/43069
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
---
 .../ToolbarItems/ClearCacheToolbarItem.php | 6 ++---
 .../backend/Classes/ClickMenu/ClickMenu.php | 10 +++----
 .../backend/Classes/Clipboard/Clipboard.php | 4 +--
 .../Controller/EditDocumentController.php | 15 +++++------
 .../File/CreateFolderController.php | 2 --
 .../Controller/File/EditFileController.php | 1 -
 .../Controller/File/FileController.php | 6 +----
 .../Controller/File/FileUploadController.php | 1 -
 .../Controller/File/RenameFileController.php | 1 -
 .../Controller/File/ReplaceFileController.php | 1 -
 .../Controller/PageLayoutController.php | 4 +--
 .../SimpleDataHandlerController.php | 8 ++----
 .../Controller/Wizard/RteController.php | 2 +-
 .../backend/Classes/Form/FormEngine.php | 2 ++
 .../Classes/Template/DocumentTemplate.php | 2 +-
 .../Tree/View/PageMovingPagePositionMap.php | 2 +-
 .../Classes/Tree/View/PagePositionMap.php | 4 +--
 .../Classes/Utility/BackendUtility.php | 2 ++
 .../ViewHelpers/IssueCommandViewHelper.php | 2 +-
 .../ViewHelpers/RemoveUserViewHelper.php | 2 +-
 .../core/Classes/Database/QueryView.php | 4 +--
 ...elperMethodsForRedundantCSRFProtection.rst | 27 +++++++++++++++++++
 typo3/sysext/filelist/Classes/FileList.php | 4 +--
 .../Classes/Browser/ElementBrowser.php | 2 --
 .../ViewHelpers/DeleteLinkViewHelper.php | 2 +-
 .../Controller/VersionModuleController.php | 1 -
 26 files changed, 64 insertions(+), 53 deletions(-)
 create mode 100644 typo3/sysext/core/Documentation/Changelog/master/Deprecation-69562-DeprecateHelperMethodsForRedundantCSRFProtection.rst

diff --git a/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php b/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php
index 705b2e32e242..a995be954921 100644
--- a/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php
+++ b/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php
@@ -56,7 +56,7 @@ class ClearCacheToolbarItem implements ToolbarItemInterface {
 'id' => 'pages',
 'title' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushPageCachesTitle', TRUE),
 'description' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushPageCachesDescription', TRUE),
- 'href' => BackendUtility::getModuleUrl('tce_db', ['vC' => $backendUser->veriCode(), 'cacheCmd' => 'pages', 'ajaxCall' => 1]) . BackendUtility::getUrlToken('tceAction'),
+ 'href' => BackendUtility::getModuleUrl('tce_db', ['vC' => $backendUser->veriCode(), 'cacheCmd' => 'pages', 'ajaxCall' => 1]),
 'icon' => $iconFactory->getIcon('actions-system-cache-clear-impact-low', Icon::SIZE_SMALL)
 );
 $this->optionValues[] = 'pages';
@@ -68,7 +68,7 @@ class ClearCacheToolbarItem implements ToolbarItemInterface {
 'id' => 'all',
 'title' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushGeneralCachesTitle', TRUE),
 'description' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushGeneralCachesDescription', TRUE),
- 'href' => BackendUtility::getModuleUrl('tce_db', ['vC' => $backendUser->veriCode(), 'cacheCmd' => 'all', 'ajaxCall' => 1]) . BackendUtility::getUrlToken('tceAction'),
+ 'href' => BackendUtility::getModuleUrl('tce_db', ['vC' => $backendUser->veriCode(), 'cacheCmd' => 'all', 'ajaxCall' => 1]),
 'icon' => $iconFactory->getIcon('actions-system-cache-clear-impact-medium', Icon::SIZE_SMALL)
 );
 $this->optionValues[] = 'all';
@@ -84,7 +84,7 @@ class ClearCacheToolbarItem implements ToolbarItemInterface {
 'id' => 'system',
 'title' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushSystemCachesTitle', TRUE),
 'description' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushSystemCachesDescription', TRUE),
- 'href' => BackendUtility::getModuleUrl('tce_db', ['vC' => $backendUser->veriCode(), 'cacheCmd' => 'system', 'ajaxCall' => 1]) . BackendUtility::getUrlToken('tceAction'),
+ 'href' => BackendUtility::getModuleUrl('tce_db', ['vC' => $backendUser->veriCode(), 'cacheCmd' => 'system', 'ajaxCall' => 1]),
 'icon' => $iconFactory->getIcon('actions-system-cache-clear-impact-high', Icon::SIZE_SMALL)
 );
 $this->optionValues[] = 'system';
diff --git a/typo3/sysext/backend/Classes/ClickMenu/ClickMenu.php b/typo3/sysext/backend/Classes/ClickMenu/ClickMenu.php
index ccebd2a569cb..8d135e3e8a3c 100644
--- a/typo3/sysext/backend/Classes/ClickMenu/ClickMenu.php
+++ b/typo3/sysext/backend/Classes/ClickMenu/ClickMenu.php
@@ -748,7 +748,7 @@ class ClickMenu {
 GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_db') . '&redirect=') . '+top.rawurlencode(' .
 $this->frameLocation($loc . '.document') . '.pathname+' . $this->frameLocation(($loc . '.document')) . '.search)+' .
 GeneralUtility::quoteJSvalue(
- '&cmd[' . $table . '][' . $uid . '][delete]=1&prErr=1&vC=' . $this->backendUser->veriCode() . BackendUtility::getUrlToken('tceAction')
+ '&cmd[' . $table . '][' . $uid . '][delete]=1&prErr=1&vC=' . $this->backendUser->veriCode()
 ) . ';};';
 if ($table === 'pages') {
 $editOnClick .= 'top.nav.refresh.defer(500, top.nav);';
@@ -825,7 +825,7 @@ class ClickMenu {
 GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_db') . '&redirect=') . '+top.rawurlencode(' .
 $this->frameLocation($loc . '.document') . '.pathname+' . $this->frameLocation(($loc . '.document')) . '.search)+' .
 GeneralUtility::quoteJSvalue(
- '&data[' . $table . '][' . $uid . '][' . $flagField . ']=' . ($rec[$flagField] ? 0 : 1) . '&prErr=1&vC=' . $this->backendUser->veriCode() . BackendUtility::getUrlToken('tceAction')
+ '&data[' . $table . '][' . $uid . '][' . $flagField . ']=' . ($rec[$flagField] ? 0 : 1) . '&prErr=1&vC=' . $this->backendUser->veriCode()
 ) . ';};';
 if ($table === 'pages') {
 $editOnClick .= 'top.nav.refresh.defer(500, top.nav);';
@@ -1050,7 +1050,7 @@ class ClickMenu {
 GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_file') . '&redirect=') . '+top.rawurlencode(' .
 $this->frameLocation(($loc . '.document')) . '.pathname+' . $this->frameLocation(($loc . '.document')) . '.search)+' .
 GeneralUtility::quoteJSvalue(
- '&file[delete][0][data]=' . rawurlencode($path) . '&vC=' . $this->backendUser->veriCode() . BackendUtility::getUrlToken('tceAction')
+ '&file[delete][0][data]=' . rawurlencode($path) . '&vC=' . $this->backendUser->veriCode()
 ) . ';};';
 return $this->linkItem($this->label('delete'), $this->iconFactory->getIcon('actions-edit-delete', Icon::SIZE_SMALL), $editOnClick . 'return false;');
 }
@@ -1155,7 +1155,7 @@ class ClickMenu {
 $this->frameLocation(($loc . '.document')) . '.pathname+' . $this->frameLocation(($loc . '.document')) . '.search)+' .
 GeneralUtility::quoteJSvalue(
 '&cmd[pages][' . $srcUid . '][' . $action . ']=' . $negativeSign . $dstUid . '&prErr=1&vC=' .
- $this->backendUser->veriCode() . BackendUtility::getUrlToken('tceAction')
+ $this->backendUser->veriCode()
 ) . ';};top.nav.refresh();';
 return $this->linkItem($this->label($action . 'Page_' . $into), IconUtility::getSpriteIcon('actions-document-paste-' . $into), $editOnClick . 'return false;', 0);
 }
@@ -1176,7 +1176,7 @@ class ClickMenu {
 $this->frameLocation(($loc . '.document')) . '.pathname+' . $this->frameLocation(($loc . '.document')) . '.search)+' .
 GeneralUtility::quoteJSvalue(
 '&file[' . $action . '][0][data]=' . $srcPath . '&file[' . $action . '][0][target]=' . $dstPath . '&prErr=1&vC=' .
- $this->backendUser->veriCode() . BackendUtility::getUrlToken('tceAction')
+ $this->backendUser->veriCode()
 ) . ';};top.nav.refresh();';
 return $this->linkItem($this->label($action . 'Folder_into'), IconUtility::getSpriteIcon('apps-pagetree-drag-move-into'), $editOnClick . 'return false;', 0);
 }
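Review bot: In the @@ -1176 hunk, `$srcPath` and `$dstPath` are concatenated into the `file[...][0][data]` and `[target]` query values without `rawurlencode()`, while the @@ -1050 hunk in the same file encodes `$path` before building the equivalent `tce_file` URL; if those identifiers are not already URL-encoded where they are read (outside this hunk), a folder name containing `&`, `+` or `%` would be split or mangled by the query parser. Unless callers guarantee encoded input, the context line should read `'&file[' . $action . '][0][data]=' . rawurlencode($srcPath) . '&file[' . $action . '][0][target]=' . rawurlencode($dstPath) . '&prErr=1&vC=' .`. A smaller style point: @@ -1155 and @@ -1176 still render icons through `IconUtility::getSpriteIcon()` while @@ -1050 uses `$this->iconFactory->getIcon()`, so the three could be aligned in a follow-up. The enclosing methods start outside each of these hunks.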
diff --git a/typo3/sysext/backend/Classes/Clipboard/Clipboard.php b/typo3/sysext/backend/Classes/Clipboard/Clipboard.php
index b1c7f4d5856a..380ec07fe34e 100644
--- a/typo3/sysext/backend/Classes/Clipboard/Clipboard.php
+++ b/typo3/sysext/backend/Classes/Clipboard/Clipboard.php
@@ -606,7 +606,7 @@ class Clipboard {
 if (is_array($update)) {
 $urlParameters['CB[update]'] = $update;
 }
- return BackendUtility::getModuleUrl($table === '_FILE' ? 'tce_file' : 'tce_db', $urlParameters) . BackendUtility::getUrlToken('tceAction');
+ return BackendUtility::getModuleUrl($table === '_FILE' ? 'tce_file' : 'tce_db', $urlParameters);
 }

 /**
@@ -627,7 +627,7 @@ class Clipboard {
 if ($setRedirect) {
 $urlParameters['redirect'] = GeneralUtility::linkThisScript(array('CB' => ''));
 }
- return BackendUtility::getModuleUrl($file ? 'tce_file' : 'tce_db', $urlParameters) . BackendUtility::getUrlToken('tceAction');
+ return BackendUtility::getModuleUrl($file ? 'tce_file' : 'tce_db', $urlParameters);
 }

 /**
diff --git a/typo3/sysext/backend/Classes/Controller/EditDocumentController.php b/typo3/sysext/backend/Classes/Controller/EditDocumentController.php
index 38ec1b66d62b..03e4044c951a 100644
--- a/typo3/sysext/backend/Classes/Controller/EditDocumentController.php
+++ b/typo3/sysext/backend/Classes/Controller/EditDocumentController.php
@@ -741,7 +741,7 @@ class EditDocumentController implements \TYPO3\CMS\Core\Http\ControllerInterface
 }
 }
 function deleteRecord(table,id,url) { //
- window.location.href = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_db') . '&cmd[') . '+table+"]["+id+"][delete]=1' . BackendUtility::getUrlToken('tceAction') . '&redirect="+escape(url)+"&vC=' . $beUser->veriCode() . '&prErr=1&uPT=1";
+ window.location.href = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_db') . '&cmd[') . '+table+"]["+id+"][delete]=1&redirect="+escape(url)+"&vC=' . $beUser->veriCode() . '&prErr=1&uPT=1";
 }
 ';

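Review bot: The new `deleteRecord` line in the EditDocumentController @@ -741 hunk still builds the `redirect` query value with the legacy JavaScript `escape(url)`, which is not a URL-encoding function and leaves `+`, `/`, `@` and similar characters untouched, so a return URL containing a `+` arrives with spaces once the server decodes the query string. `encodeURIComponent(url)` is the right call for a query-string value: `'+table+"]["+id+"][delete]=1&redirect="+encodeURIComponent(url)+"&vC=' . $beUser->veriCode() . '&prErr=1&uPT=1";`. The same `escape(url)` survives in the PageLayoutController @@ -544 hunk further down. The JavaScript block this line belongs to starts and ends outside the hunk.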
@@ -1278,7 +1278,7 @@ class EditDocumentController implements \TYPO3\CMS\Core\Http\ControllerInterface
 <input type="hidden" name="closeDoc" value="0" />
 <input type="hidden" name="doSave" value="0" />
 <input type="hidden" name="_serialNumber" value="' . md5(microtime()) . '" />
- <input type="hidden" name="_scrollPosition" value="" />' . FormEngine::getHiddenTokenField('editRecord');
+ <input type="hidden" name="_scrollPosition" value="" />';
 return $formContent;
 }

@@ -1370,13 +1370,13 @@ class EditDocumentController implements \TYPO3\CMS\Core\Http\ControllerInterface
 $redirectUrl = BackendUtility::getModuleUrl('record_edit', array(
 'justLocalized' => $table . ':' . $rowsByLang[0]['uid'] . ':' . $lang['uid'],
 'returnUrl' => $this->retUrl
- )) . BackendUtility::getUrlToken('editRecord');
+ ));
 $href = $this->doc->issueCommand('&cmd[' . $table . '][' . $rowsByLang[0]['uid'] . '][localize]=' . $lang['uid'], $redirectUrl);
 } else {
 $href = BackendUtility::getModuleUrl('record_edit', array(
 'edit[' . $table . '][' . $rowsByLang[$lang['uid']]['uid'] . ']' => 'edit',
 'returnUrl' => $this->retUrl
- )) . BackendUtility::getUrlToken('editRecord');
+ ));
 }
 $langSelItems[$lang['uid']] = '
 <option value="' . htmlspecialchars($href) . '"' . ($currentLanguage == $lang['uid'] ? ' selected="selected"' : '') . '>' . htmlspecialchars(($lang['title'] . $newTranslation)) . '</option>';
@@ -1411,7 +1411,7 @@ class EditDocumentController implements \TYPO3\CMS\Core\Http\ControllerInterface
 'edit[' . $table . '][' . $localizedRecord['uid'] . ']' => 'edit',
 'returnUrl' => GeneralUtility::sanitizeLocalUrl(GeneralUtility::_GP('returnUrl'))
 ));
- HttpUtility::redirect($location . BackendUtility::getUrlToken('editRecord'));
+ HttpUtility::redirect($location);
 }
 }
 }
@@ -1670,10 +1670,7 @@ class EditDocumentController implements \TYPO3\CMS\Core\Http\ControllerInterface

 // Checks, if a save button has been clicked (or the doSave variable is sent)
 if ($this->doProcessData()) {
- $formProtection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get();
- if ($formProtection->validateToken(\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('formToken'), 'editRecord')) {
- $this->processData();
- }
+ $this->processData();
 }

 $this->init();
diff --git a/typo3/sysext/backend/Classes/Controller/File/CreateFolderController.php b/typo3/sysext/backend/Classes/Controller/File/CreateFolderController.php
index c64394a01ba1..b5a781162123 100644
--- a/typo3/sysext/backend/Classes/Controller/File/CreateFolderController.php
+++ b/typo3/sysext/backend/Classes/Controller/File/CreateFolderController.php
@@ -184,7 +184,6 @@ class CreateFolderController implements \TYPO3\CMS\Core\Http\ControllerInterface
 </div><div class="form-group">
 <input class="btn btn-default" type="submit" value="' . $lang->sL('LLL:EXT:lang/locallang_core.xlf:file_newfolder.php.submit', TRUE) . '" />
 <input type="hidden" name="redirect" value="' . htmlspecialchars($this->returnUrl) . '" />
- ' . \TYPO3\CMS\Backend\Form\FormEngine::getHiddenTokenField('tceAction') . '
 </div>
 ';
 // Switching form tags:
@@ -225,7 +224,6 @@ class CreateFolderController implements \TYPO3\CMS\Core\Http\ControllerInterface
 <div class="form-group">
 <input class="btn btn-default" type="submit" value="' . $lang->sL('LLL:EXT:lang/locallang_core.xlf:file_newfolder.php.newfile_submit', TRUE) . '" />
 <input type="hidden" name="redirect" value="' . htmlspecialchars($this->returnUrl) . '" />
- ' . \TYPO3\CMS\Backend\Form\FormEngine::getHiddenTokenField('tceAction') . '
 </div>
 ';
 $pageContent .= $this->doc->section($lang->sL('LLL:EXT:lang/locallang_core.xlf:file_newfolder.php.newfile'), $code);
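Review bot: With the `validateToken(..., 'editRecord')` check removed in the @@ -1670 hunk, `processData()` now runs for every request where `doProcessData()` is true, so the only CSRF protection left for a save is whatever token check the backend route dispatcher applies to the `record_edit` route, and nothing in this diff shows that check; a one-line comment would spare the next reader from re-deriving it, e.g. `// CSRF protection for this save is enforced by the backend routing layer (route token), not per form.` The same reliance applies to `FileController::processRequest()` and `SimpleDataHandlerController::processRequest()` below, whose removed code accepted the token from either the query string or the parsed body because `tce_file`/`tce_db` are reached both by GET links (click menu, toolbar) and by POST forms (upload, rename); it is worth confirming that the routing check covers both request methods, ideally with a functional test asserting that a request without the route token to each of these three entry points is rejected. The surrounding method begins outside this hunk.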
diff --git a/typo3/sysext/backend/Classes/Controller/File/EditFileController.php b/typo3/sysext/backend/Classes/Controller/File/EditFileController.php
index bccd96ef0e05..6321bf226457 100644
--- a/typo3/sysext/backend/Classes/Controller/File/EditFileController.php
+++ b/typo3/sysext/backend/Classes/Controller/File/EditFileController.php
@@ -170,7 +170,6 @@ class EditFileController implements \TYPO3\CMS\Core\Http\ControllerInterface {
 <textarea rows="30" name="file[editfile][0][data]" wrap="off" ' . $this->doc->formWidth(48, TRUE, 'width:98%;height:80%') . ' class="text-monospace t3js-enable-tab">' . htmlspecialchars($fileContent) . '</textarea>
 <input type="hidden" name="file[editfile][0][target]" value="' . $this->fileObject->getUid() . '" />
 <input type="hidden" name="redirect" value="' . htmlspecialchars($hValue) . '" />
- ' . \TYPO3\CMS\Backend\Form\FormEngine::getHiddenTokenField('tceAction') . '
 </div>
 <br />';
 // Make shortcut:
diff --git a/typo3/sysext/backend/Classes/Controller/File/FileController.php b/typo3/sysext/backend/Classes/Controller/File/FileController.php
index 31eb3d3681bf..8627cba5cfc5 100644
--- a/typo3/sysext/backend/Classes/Controller/File/FileController.php
+++ b/typo3/sysext/backend/Classes/Controller/File/FileController.php
@@ -173,11 +173,7 @@ class FileController implements \TYPO3\CMS\Core\Http\ControllerInterface {
 * @return \Psr\Http\Message\ResponseInterface $response
 */
 public function processRequest(ServerRequestInterface $request) {
- $formProtection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get();
- $formToken = isset($request->getQueryParams()['formToken']) ? $request->getQueryParams()['formToken'] : $request->getParsedBody()['formToken'];
- if ($formProtection->validateToken($formToken, 'tceAction')) {
- $this->main();
- }
+ $this->main();

 // Push errors to flash message queue, if there are any
 $this->fileProcessor->pushErrorMessagesToFlashMessageQueue();
diff --git a/typo3/sysext/backend/Classes/Controller/File/FileUploadController.php b/typo3/sysext/backend/Classes/Controller/File/FileUploadController.php
index 61ad2c5b95e6..ec8dd56bea82 100644
--- a/typo3/sysext/backend/Classes/Controller/File/FileUploadController.php
+++ b/typo3/sysext/backend/Classes/Controller/File/FileUploadController.php
@@ -172,7 +172,6 @@ class FileUploadController implements \TYPO3\CMS\Core\Http\ControllerInterface {
 $content .= '
 <div id="c-submit">
 <input type="hidden" name="redirect" value="' . $this->returnUrl . '" /><br />
- ' . \TYPO3\CMS\Backend\Form\FormEngine::getHiddenTokenField('tceAction') . '
 <input class="btn btn-default" type="submit" value="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:file_upload.php.submit', TRUE) . '" />
 </div>
 ';
diff --git a/typo3/sysext/backend/Classes/Controller/File/RenameFileController.php b/typo3/sysext/backend/Classes/Controller/File/RenameFileController.php
index 843060b28c8c..525cfdae8fa2 100644
--- a/typo3/sysext/backend/Classes/Controller/File/RenameFileController.php
+++ b/typo3/sysext/backend/Classes/Controller/File/RenameFileController.php
@@ -153,7 +153,6 @@ class RenameFileController implements \TYPO3\CMS\Core\Http\ControllerInterface {
 <input class="btn btn-primary" type="submit" value="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:file_rename.php.submit', TRUE) . '" />
 <input class="btn btn-danger" type="submit" value="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.cancel', TRUE) . '" onclick="backToList(); return false;" />
 <input type="hidden" name="redirect" value="' . htmlspecialchars($this->returnUrl) . '" />
- ' . \TYPO3\CMS\Backend\Form\FormEngine::getHiddenTokenField('tceAction') . '
 </div>
 ';
 $pageContent .= '</form>';
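Review bot: On the context line directly above the removed token field in the FileUploadController @@ -172 hunk, `$this->returnUrl` is written into the hidden `redirect` input without `htmlspecialchars()`, whereas the RenameFileController, ReplaceFileController and CreateFolderController hunks in this same patch escape the same value; unless `returnUrl` is sanitized where it is assigned (outside this hunk), a quote in it would terminate the attribute. Since the line is already being touched for the token removal, it is the natural moment to align it: `<input type="hidden" name="redirect" value="' . htmlspecialchars($this->returnUrl) . '" /><br />`. The string this belongs to starts outside the hunk.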
diff --git a/typo3/sysext/backend/Classes/Controller/File/ReplaceFileController.php b/typo3/sysext/backend/Classes/Controller/File/ReplaceFileController.php
index 50267013866a..efb0bc58b793 100644
--- a/typo3/sysext/backend/Classes/Controller/File/ReplaceFileController.php
+++ b/typo3/sysext/backend/Classes/Controller/File/ReplaceFileController.php
@@ -175,7 +175,6 @@ class ReplaceFileController implements \TYPO3\CMS\Core\Http\ControllerInterface
 <input class="btn btn-primary" type="submit" value="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:file_replace.php.submit', TRUE) . '" />
 <input class="btn btn-danger" type="submit" value="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.cancel', TRUE) . '" onclick="backToList(); return false;" />
 <input type="hidden" name="redirect" value="' . htmlspecialchars($this->returnUrl) . '" />
- ' . \TYPO3\CMS\Backend\Form\FormEngine::getHiddenTokenField('tceAction') . '
 </div>
 ';
 $code .= '</form>';
diff --git a/typo3/sysext/backend/Classes/Controller/PageLayoutController.php b/typo3/sysext/backend/Classes/Controller/PageLayoutController.php
index 520a7bd35241..80b2f884c2dd 100755
--- a/typo3/sysext/backend/Classes/Controller/PageLayoutController.php
+++ b/typo3/sysext/backend/Classes/Controller/PageLayoutController.php
@@ -544,7 +544,7 @@ class PageLayoutController {

 function deleteRecord(table,id,url) { //
 if (confirm(' . GeneralUtility::quoteJSvalue($lang->getLL('deleteWarning')) . ')) {
- window.location.href = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_db') . '&cmd[') . '+table+"]["+id+"][delete]=1&redirect="+escape(url)+"&vC=' . $this->getBackendUser()->veriCode() . BackendUtility::getUrlToken('tceAction') . '&prErr=1&uPT=1";
+ window.location.href = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_db') . '&cmd[') . '+table+"]["+id+"][delete]=1&redirect="+escape(url)+"&vC=' . $this->getBackendUser()->veriCode() . '&prErr=1&uPT=1";
 }
 return false;
 }
@@ -905,7 +905,7 @@ class PageLayoutController {
 'returnUrl' => $this->returnUrl
 )
 ) : $this->R_URI)) . '" />
- ' . FormEngine::getHiddenTokenField('tceAction');
+ ';
 // Add JavaScript as needed around the form:
 $theCode = $tceForms->printNeededJSFunctions_top() . $theCode . $tceForms->printNeededJSFunctions();
 // Add warning sign if record was "locked":
diff --git a/typo3/sysext/backend/Classes/Controller/SimpleDataHandlerController.php b/typo3/sysext/backend/Classes/Controller/SimpleDataHandlerController.php
index b2a0d897dafb..819915a5e2eb 100644
--- a/typo3/sysext/backend/Classes/Controller/SimpleDataHandlerController.php
+++ b/typo3/sysext/backend/Classes/Controller/SimpleDataHandlerController.php
@@ -248,12 +248,8 @@ class SimpleDataHandlerController implements \TYPO3\CMS\Core\Http\ControllerInte
 * @return \Psr\Http\Message\ResponseInterface $response
 */
 public function processRequest(ServerRequestInterface $request) {
- $formProtection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get();
- $formToken = isset($request->getQueryParams()['formToken']) ? $request->getQueryParams()['formToken'] : $request->getParsedBody()['formToken'];
- if ($formProtection->validateToken($formToken, 'tceAction')) {
- $this->initClipboard();
- $this->main();
- }
+ $this->initClipboard();
+ $this->main();

 // Write errors to flash message queue
 if ($this->prErr) {
diff --git a/typo3/sysext/backend/Classes/Controller/Wizard/RteController.php b/typo3/sysext/backend/Classes/Controller/Wizard/RteController.php
index 9489e7ac2dfd..d292db6a675a 100644
--- a/typo3/sysext/backend/Classes/Controller/Wizard/RteController.php
+++ b/typo3/sysext/backend/Classes/Controller/Wizard/RteController.php
@@ -196,7 +196,7 @@ class RteController extends AbstractWizardController implements \TYPO3\CMS\Core\
 </table>';
 // Adding hidden fields:
 $formContent .= '<input type="hidden" name="redirect" value="' . htmlspecialchars($this->R_URI) . '" />
- <input type="hidden" name="_serialNumber" value="' . md5(microtime()) . '" />' . FormEngine::getHiddenTokenField('tceAction');
+ <input type="hidden" name="_serialNumber" value="' . md5(microtime()) . '" />';
 // Finally, add the whole setup:
 $this->content .= $formEngine->printNeededJSFunctions_top() . $formContent . $formEngine->printNeededJSFunctions();
 } else {
diff --git a/typo3/sysext/backend/Classes/Form/FormEngine.php b/typo3/sysext/backend/Classes/Form/FormEngine.php
index 06135521aed0..df6fbc500a95 100644
--- a/typo3/sysext/backend/Classes/Form/FormEngine.php
+++ b/typo3/sysext/backend/Classes/Form/FormEngine.php
@@ -1111,8 +1111,10 @@ class FormEngine {
 * @param string $formName Context of the token
 * @param string $tokenName The name of the token GET/POST variable
 * @return string A complete input field
+ * @deprecated since TYPO3 7, will be removed in TYPO3 8. All backend modules and routes are secured by default now. If you need a form field with a token, use the form protection directly.
 */
 static public function getHiddenTokenField($formName = 'securityToken', $tokenName = 'formToken') {
+ GeneralUtility::logDeprecatedFunction();
 $formprotection = FormProtectionFactory::get();
 return '<input type="hidden" name="' . $tokenName . '" value="' . $formprotection->generateToken($formName) . '" />';
 }
diff --git a/typo3/sysext/backend/Classes/Template/DocumentTemplate.php b/typo3/sysext/backend/Classes/Template/DocumentTemplate.php
index 22eb3962bc47..8bbad967e77e 100644
--- a/typo3/sysext/backend/Classes/Template/DocumentTemplate.php
+++ b/typo3/sysext/backend/Classes/Template/DocumentTemplate.php
@@ -569,7 +569,7 @@ function jumpToUrl(URL) {
 'uPT' => 1,
 'vC' => $beUser->veriCode()
 ];
- $url = BackendUtility::getModuleUrl('tce_db', $urlParameters) . $params . BackendUtility::getUrlToken('tceAction') . '&redirect=';
+ $url = BackendUtility::getModuleUrl('tce_db', $urlParameters) . $params . '&redirect=';
 if ((int)$redirectUrl === -1) {
 $url = GeneralUtility::quoteJSvalue($url) . '+T3_THIS_LOCATION';
 } else {
diff --git a/typo3/sysext/backend/Classes/Tree/View/PageMovingPagePositionMap.php b/typo3/sysext/backend/Classes/Tree/View/PageMovingPagePositionMap.php
index 3220fe03ace6..769b386f684b 100644
--- a/typo3/sysext/backend/Classes/Tree/View/PageMovingPagePositionMap.php
+++ b/typo3/sysext/backend/Classes/Tree/View/PageMovingPagePositionMap.php
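Review bot: The new `@deprecated` annotation on `getHiddenTokenField()` tells callers to "use the form protection directly" but does not name the replacement, even though the method body two lines below shows it: `FormProtectionFactory::get()->generateToken($formName)`. Naming it makes the deprecation actionable from the IDE without opening the changelog, e.g. `@deprecated since TYPO3 7, will be removed in TYPO3 8. Backend modules and routes are CSRF-protected by default; if a dedicated token is still needed, call FormProtectionFactory::get()->generateToken($formName) directly.` The same wording applies to the `@deprecated` line added to `BackendUtility::getUrlToken()` further down. Both methods keep returning a valid token after the `logDeprecatedFunction()` call, so existing callers are not broken; this presumes `GeneralUtility` is already imported in FormEngine.php, which the hunk does not show.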
@@ -40,7 +40,7 @@ class PageMovingPagePositionMap extends PagePositionMap {
 * @return string Onclick attribute content
 */
 public function onClickEvent($pid, $newPagePID) {
- return 'window.location.href=' . \TYPO3\CMS\Core\Utility\GeneralUtility::quoteJSvalue(\TYPO3\CMS\Backend\Utility\BackendUtility::getModuleUrl('tce_db') . '&cmd[pages][' . $GLOBALS['SOBE']->moveUid . '][' . $this->moveOrCopy . ']=' . $pid . '&redirect=' . rawurlencode($this->R_URI) . '&prErr=1&uPT=1&vC=' . $GLOBALS['BE_USER']->veriCode() . \TYPO3\CMS\Backend\Utility\BackendUtility::getUrlToken('tceAction')) . ';return false;';
+ return 'window.location.href=' . \TYPO3\CMS\Core\Utility\GeneralUtility::quoteJSvalue(\TYPO3\CMS\Backend\Utility\BackendUtility::getModuleUrl('tce_db') . '&cmd[pages][' . $GLOBALS['SOBE']->moveUid . '][' . $this->moveOrCopy . ']=' . $pid . '&redirect=' . rawurlencode($this->R_URI) . '&prErr=1&uPT=1&vC=' . $GLOBALS['BE_USER']->veriCode()) . ';return false;';
 }

 /**
diff --git a/typo3/sysext/backend/Classes/Tree/View/PagePositionMap.php b/typo3/sysext/backend/Classes/Tree/View/PagePositionMap.php
index 6f54e2dec2ec..ee23504d1c37 100644
--- a/typo3/sysext/backend/Classes/Tree/View/PagePositionMap.php
+++ b/typo3/sysext/backend/Classes/Tree/View/PagePositionMap.php
@@ -488,9 +488,9 @@ class PagePositionMap {
 public function onClickInsertRecord($row, $vv, $moveUid, $pid, $sys_lang = 0) {
 $table = 'tt_content';
 if (is_array($row)) {
- $location = BackendUtility::getModuleUrl('tce_db') . '&cmd[' . $table . '][' . $moveUid . '][' . $this->moveOrCopy . ']=-' . $row['uid'] . '&prErr=1&uPT=1&vC=' . $GLOBALS['BE_USER']->veriCode() . BackendUtility::getUrlToken('tceAction');
+ $location = BackendUtility::getModuleUrl('tce_db') . '&cmd[' . $table . '][' . $moveUid . '][' . $this->moveOrCopy . ']=-' . $row['uid'] . '&prErr=1&uPT=1&vC=' . $GLOBALS['BE_USER']->veriCode();
 } else {
- $location = BackendUtility::getModuleUrl('tce_db') . '&cmd[' . $table . '][' . $moveUid . '][' . $this->moveOrCopy . ']=' . $pid . '&data[' . $table . '][' . $moveUid . '][colPos]=' . $vv . '&prErr=1&vC=' . $GLOBALS['BE_USER']->veriCode() . BackendUtility::getUrlToken('tceAction');
+ $location = BackendUtility::getModuleUrl('tce_db') . '&cmd[' . $table . '][' . $moveUid . '][' . $this->moveOrCopy . ']=' . $pid . '&data[' . $table . '][' . $moveUid . '][colPos]=' . $vv . '&prErr=1&vC=' . $GLOBALS['BE_USER']->veriCode();
 }
 $location .= '&redirect=' . rawurlencode($this->R_URI);
 // returns to prev. page
diff --git a/typo3/sysext/backend/Classes/Utility/BackendUtility.php b/typo3/sysext/backend/Classes/Utility/BackendUtility.php
index f564c4dba63d..8a0f098e555b 100755
--- a/typo3/sysext/backend/Classes/Utility/BackendUtility.php
+++ b/typo3/sysext/backend/Classes/Utility/BackendUtility.php
@@ -3363,8 +3363,10 @@ class BackendUtility {
 * @param string $tokenName The name of the token GET variable
 * @throws \InvalidArgumentException
 * @return string A URL GET variable including ampersand
+ * @deprecated since TYPO3 7, will be removed in TYPO3 8. All backend modules and routes are secured by default now. If you need a url parameter with a token, use the form protection directly.
 */
 static public function getUrlToken($formName = 'securityToken', $tokenName = 'formToken') {
+ GeneralUtility::logDeprecatedFunction();
 $formProtection = FormProtectionFactory::get();
 return '&' . $tokenName . '=' . $formProtection->generateToken($formName);
 }
diff --git a/typo3/sysext/beuser/Classes/ViewHelpers/IssueCommandViewHelper.php b/typo3/sysext/beuser/Classes/ViewHelpers/IssueCommandViewHelper.php
index a4b9a0c0d1ca..131ee94dc74a 100644
--- a/typo3/sysext/beuser/Classes/ViewHelpers/IssueCommandViewHelper.php
+++ b/typo3/sysext/beuser/Classes/ViewHelpers/IssueCommandViewHelper.php
@@ -68,7 +68,7 @@ class IssueCommandViewHelper extends AbstractViewHelper implements CompilableInt
 $parametersArray = GeneralUtility::explodeUrl2Array($arguments['parameters']);
 $urlParameters += $parametersArray;
 }
- return htmlspecialchars(BackendUtility::getModuleUrl('tce_db', $urlParameters) . BackendUtility::getUrlToken('tceAction'));
+ return htmlspecialchars(BackendUtility::getModuleUrl('tce_db', $urlParameters));
 }
 }

diff --git a/typo3/sysext/beuser/Classes/ViewHelpers/RemoveUserViewHelper.php b/typo3/sysext/beuser/Classes/ViewHelpers/RemoveUserViewHelper.php
index 57c9b82222d1..189546b4c47d 100644
--- a/typo3/sysext/beuser/Classes/ViewHelpers/RemoveUserViewHelper.php
+++ b/typo3/sysext/beuser/Classes/ViewHelpers/RemoveUserViewHelper.php
@@ -75,7 +75,7 @@ class RemoveUserViewHelper extends AbstractViewHelper implements CompilableInter
 'uPT' => 1,
 'redirect' => GeneralUtility::getIndpEnv('REQUEST_URI')
 ];
- $url = BackendUtility::getModuleUrl('tce_db', $urlParameters) . BackendUtility::getUrlToken('tceAction');
+ $url = BackendUtility::getModuleUrl('tce_db', $urlParameters);
 return '<a class="btn btn-default t3js-modal-trigger" href="' . htmlspecialchars($url) . '"'
 . ' data-severity="warning"'
diff --git a/typo3/sysext/core/Classes/Database/QueryView.php b/typo3/sysext/core/Classes/Database/QueryView.php
index 064327e720d1..6fd1c6ea2a84 100644
--- a/typo3/sysext/core/Classes/Database/QueryView.php
+++ b/typo3/sysext/core/Classes/Database/QueryView.php
@@ -555,7 +555,7 @@ class QueryView {
 $out .= '<a class="btn btn-default" href="' . GeneralUtility::linkThisUrl(BackendUtility::getModuleUrl('tce_db'), array(
 ('cmd[' . $table . '][' . $row['uid'] . '][undelete]') => '1',
 'redirect' => GeneralUtility::linkThisScript(array())
- )) . BackendUtility::getUrlToken('tceAction') . '" title="' . $GLOBALS['LANG']-getLL('undelete_only', TRUE) . '">';
+ )) . '" title="' . $GLOBALS['LANG']-getLL('undelete_only', TRUE) . '">';
 $out .= $this->iconFactory->getIcon('actions-edit-restore', Icon::SIZE_SMALL) . '</a>';
 $formEngineParameters = array(
 'edit[' . $table . '][' . $row['uid'] . ']' => 'edit',
@@ -565,7 +565,7 @@ class QueryView {
 $out .= '<a class="btn btn-default" href="' . GeneralUtility::linkThisUrl(BackendUtility::getModuleUrl('tce_db'), array(
 ('cmd[' . $table . '][' . $row['uid'] . '][undelete]') => '1',
 'redirect' => $redirectUrl
- )) . BackendUtility::getUrlToken('tceAction') . '">';
+ )) . '">';
 $out .= \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon('actions-edit-restore-edit', array('title' => 'undelete and edit')) . '</a>';
 }
 $_params = array($table => $row);
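Review bot: The new line in the QueryView @@ -555 hunk still contains `$GLOBALS['LANG']-getLL('undelete_only', TRUE)` with a single `-` where `->` is needed; if that is not an artifact of how this patch was rendered, PHP parses it as a subtraction of an undefined global function `getLL()` and the branch fatals as soon as it is reached, so the line should read `)) . '" title="' . $GLOBALS['LANG']->getLL('undelete_only', TRUE) . '">';`. Separately, both this hunk and @@ -565 place the `GeneralUtility::linkThisUrl(...)` result into `href="..."` without `htmlspecialchars()`, unlike the beuser view-helper hunks above which escape the module URL before output; since `getModuleUrl()` output contains `&`, wrapping the URL expression in `htmlspecialchars()` is both valid HTML and the consistent choice. The enclosing method starts and ends outside these hunks.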
diff --git a/typo3/sysext/core/Documentation/Changelog/master/Deprecation-69562-DeprecateHelperMethodsForRedundantCSRFProtection.rst b/typo3/sysext/core/Documentation/Changelog/master/Deprecation-69562-DeprecateHelperMethodsForRedundantCSRFProtection.rst
new file mode 100644
index 000000000000..d4b1709179d5
--- /dev/null
+++ b/typo3/sysext/core/Documentation/Changelog/master/Deprecation-69562-DeprecateHelperMethodsForRedundantCSRFProtection.rst
@@ -0,0 +1,27 @@
+============================================================================
+Deprecation: #69562 - Deprecate helper methods for redundant CSRF protection
+============================================================================
+
+Description
+===========
+
+The methods ``FormEngine::getHiddenTokenField`` and ``BackendUtility::getUrlToken`` were introduced as shortcuts to protect data manipulating entry points ``tce_db.php`` ``tce_file.php`` and ``alt_doc.php`` from CSRF attacks. These entry points are now replaced with
+proper modules or routing, which are CSRF protected by default.
+
+
+Impact
+======
+
+Third party code using ``FormEngine::getHiddenTokenField`` or ``BackendUtility::getUrlToken`` will cause deprecation log entries.
+
+
+Affected Installations
+======================
+
+Extensions using the above code.
+
+
+Migration
+=========
+
+These method calls can safely be removed, when generating links to former entry points ``tce_db.php`` ``tce_file.php`` and ``alt_doc.php`` with the API method calls : ``BackendUtility::getModuleUrl('tce_db')``, ``BackendUtility::getModuleUrl('tce_file')`` or ``BackendUtility::getModuleUrl('record_edit')``.
\ No newline at end of file
diff --git a/typo3/sysext/filelist/Classes/FileList.php b/typo3/sysext/filelist/Classes/FileList.php
index 56c925361f1d..47650eb1842d 100644
--- a/typo3/sysext/filelist/Classes/FileList.php
+++ b/typo3/sysext/filelist/Classes/FileList.php
@@ -709,7 +709,7 @@ class FileList extends AbstractRecordList { 'justLocalized' => 'sys_file_metadata:' . $metaDataRecord['uid'] . ':' . $languageId, 'returnUrl' => $this->listURL() ]; - $returnUrl = BackendUtility::getModuleUrl('record_edit', $parameters) . BackendUtility::getUrlToken('editRecord'); + $returnUrl = BackendUtility::getModuleUrl('record_edit', $parameters); $href = $this->fileListController->doc->issueCommand( '&cmd[sys_file_metadata][' . $metaDataRecord['uid'] . '][localize]=' . $languageId, $returnUrl @@ -955,7 +955,7 @@ class FileList extends AbstractRecordList { $confirmationCheck = '1 == 1'; } - $removeOnClick = 'if (' . $confirmationCheck . ') { top.content.list_frame.location.href=' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_file') .'&file[delete][0][data]=' . rawurlencode($fileOrFolderObject->getCombinedIdentifier()) . '&vC=' . $this->getBackendUser()->veriCode() . BackendUtility::getUrlToken('tceAction') . '&redirect=') . '+top.rawurlencode(top.content.list_frame.document.location.pathname+top.content.list_frame.document.location.search);};'; + $removeOnClick = 'if (' . $confirmationCheck . ') { top.content.list_frame.location.href=' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_file') .'&file[delete][0][data]=' . rawurlencode($fileOrFolderObject->getCombinedIdentifier()) . '&vC=' . $this->getBackendUser()->veriCode() . '&redirect=') . '+top.rawurlencode(top.content.list_frame.document.location.pathname+top.content.list_frame.document.location.search);};'; $cells['delete'] = '<a href="#" class="btn btn-default" onclick="' . htmlspecialchars($removeOnClick) . '" title="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:cm.delete') . '">' . $this->iconFactory->getIcon('actions-edit-delete', Icon::SIZE_SMALL) . '</a>'; } else { 
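Review bot: In the delete hunk the URL still carries `'&vC=' . $this->getBackendUser()->veriCode()` next to the route token that `getModuleUrl('tce_file')` is expected to embed, so the request now sends two anti-CSRF values while the commit drops only the `tceAction` one. If the `vC` check on the receiving side is equally redundant it should go here too for consistency; if it is still validated, a short comment such as `// vC is still verified by the tce_file handler; keep it alongside the route token` would stop the next reader from re-asking. Note that the deletion is triggered by a GET navigation (`location.href=`), so the token and path land in browser history and Referer headers; that predates this change but matters when the remaining tokens are consolidated. The enclosing FileList method continues past the hunk.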
diff --git a/typo3/sysext/recordlist/Classes/Browser/ElementBrowser.php b/typo3/sysext/recordlist/Classes/Browser/ElementBrowser.php index 76fad69a4c56..50c855ae67ea 100755 --- a/typo3/sysext/recordlist/Classes/Browser/ElementBrowser.php +++ b/typo3/sysext/recordlist/Classes/Browser/ElementBrowser.php @@ -2426,7 +2426,6 @@ class ElementBrowser { . '&bparams=' . rawurlencode($this->bparams) . (is_array($this->P) ? GeneralUtility::implodeArrayForUrl('P', $this->P) : ''); $code .= '<input type="hidden" name="redirect" value="' . htmlspecialchars($redirectValue) . '" />'; - $code .= FormEngine::getHiddenTokenField('tceAction'); $code .= ' <div id="c-override"> <label> @@ -2494,7 +2493,6 @@ class ElementBrowser { . '&bparams=' . rawurlencode($this->bparams) . (is_array($this->P) ? GeneralUtility::implodeArrayForUrl('P', $this->P) : ''); $code .= '<input type="hidden" name="redirect" value="' . htmlspecialchars($redirectValue) . '" />' - . FormEngine::getHiddenTokenField('tceAction') . '<input class="btn btn-default" type="submit" name="submit" value="' . $lang->sL('LLL:EXT:lang/locallang_core.xlf:file_newfolder.php.submit', TRUE) . '" />'; $code .= '</td> diff --git a/typo3/sysext/sys_note/Classes/ViewHelpers/DeleteLinkViewHelper.php b/typo3/sysext/sys_note/Classes/ViewHelpers/DeleteLinkViewHelper.php index 66a3099e7314..b6416e54a3c7 100644 --- a/typo3/sysext/sys_note/Classes/ViewHelpers/DeleteLinkViewHelper.php +++ b/typo3/sysext/sys_note/Classes/ViewHelpers/DeleteLinkViewHelper.php @@ -55,7 +55,7 @@ class DeleteLinkViewHelper extends AbstractViewHelper implements CompilableInter 'cmd[sys_note][' . $arguments['id'] . '][delete]' => 1, 'redirect' => GeneralUtility::getIndpEnv('REQUEST_URI') ]; - $url = BackendUtility::getModuleUrl('tce_db', $urlParameters) . BackendUtility::getUrlToken('tceAction'); + $url = BackendUtility::getModuleUrl('tce_db', $urlParameters); return htmlspecialchars($url); } 
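Review bot: With `FormEngine::getHiddenTokenField('tceAction')` removed from the first ElementBrowser hunk, the folder-creation form's only CSRF guard is the route token carried by its `action` URL, and the `<form>` opening tag that sets that action lies outside the hunk. Please confirm the action is produced by `BackendUtility::getModuleUrl('tce_file')` (token included) rather than a literal path, otherwise this POST becomes unprotected by the commit rather than merely de-duplicated. The same check applies to the second ElementBrowser hunk, which removes the identical hidden field. The enclosing method starts and ends outside the hunk.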
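Review bot: In the sys_note hunk `$arguments['id']` is concatenated into the `cmd[sys_note][...][delete]` key without a cast, so a non-numeric argument yields a malformed command key instead of a clean integer; `'cmd[sys_note][' . (int)$arguments['id'] . '][delete]' => 1` is the safer form and matches what the command handler expects. The `redirect` value comes from `REQUEST_URI`, which is same-origin by construction, so that part is fine. The enclosing method (presumably the view helper's render implementation) begins before the hunk.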
diff --git a/typo3/sysext/version/Classes/Controller/VersionModuleController.php b/typo3/sysext/version/Classes/Controller/VersionModuleController.php index 31ae6161918d..c7dc26b4f874 100644 --- a/typo3/sysext/version/Classes/Controller/VersionModuleController.php +++ b/typo3/sysext/version/Classes/Controller/VersionModuleController.php @@ -418,7 +418,6 @@ class VersionModuleController extends \TYPO3\CMS\Backend\Module\BaseScriptClass <input type="hidden" name="prErr" value="1" /> <input type="hidden" name="redirect" value="' . htmlspecialchars($this->REQUEST_URI) . '" /> <input class="btn btn-default" type="submit" name="_" value="' . $GLOBALS['LANG']->getLL('createNewVersion') . '" /> - ' . \TYPO3\CMS\Backend\Form\FormEngine::getHiddenTokenField('tceAction') . ' </div> </div> </div> -- GitLab
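Review bot: The submit button on the context line is emitted as `value="' . $GLOBALS['LANG']->getLL('createNewVersion') . '"` without HTML escaping, unlike the `redirect` field directly above it which goes through `htmlspecialchars`; `$GLOBALS['LANG']->getLL('createNewVersion', TRUE)` escapes it the way the `getLL(..., TRUE)` calls elsewhere in this diff do. As with the other forms in this commit, the removed hidden field was the explicit CSRF guard and the form's `action` attribute is outside the hunk, so confirm it is built with `BackendUtility::getModuleUrl('tce_db')` and still carries the route token. The enclosing method starts before the hunk.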