An error occurred while retrieving diff files
[TASK] Move VerifyDenyPattern functionality into separate logic
This change targets a couple of things: - The global constant "FILE_DENY_PATTERN_DEFAULT" is moved to a class constant - The global constant "PHP_EXTENSIONS_DEFAULT" which is not in use anymore, is removed. - The security aspect of checking against the fileDenyPattern is extracted into its own Class where - The fileDenyPattern can never be empty, but only be set via DefaultConfiguration. This makes it easier to test this functionality, a single object is taking over the responsibility, and the logic is now in one place. Also, the non-usage of the global constant makes life easier. Resolves: #90147 Releases: master Change-Id: I9db0d6fc3b10f75a3735017cb9ac0d9bfd4ff02b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62843 Tested-by:Oliver Hader <oliver.hader@typo3.org> Tested-by:
TYPO3com <noreply@typo3.com> Tested-by:
Georg Ringer <georg.ringer@gmail.com> Reviewed-by:
Showing
- typo3/sysext/core/Classes/Core/SystemEnvironmentBuilder.php 10 additions, 5 deletionstypo3/sysext/core/Classes/Core/SystemEnvironmentBuilder.php
- typo3/sysext/core/Classes/Resource/ResourceStorage.php 2 additions, 1 deletiontypo3/sysext/core/Classes/Resource/ResourceStorage.php
- typo3/sysext/core/Classes/Resource/Security/FileNameValidator.php 86 additions, 0 deletions...sext/core/Classes/Resource/Security/FileNameValidator.php
- typo3/sysext/core/Classes/TypoScript/Parser/TypoScriptParser.php 4 additions, 3 deletions...ysext/core/Classes/TypoScript/Parser/TypoScriptParser.php
- typo3/sysext/core/Classes/Utility/GeneralUtility.php 4 additions, 5 deletionstypo3/sysext/core/Classes/Utility/GeneralUtility.php
- typo3/sysext/core/Configuration/DefaultConfiguration.php 0 additions, 1 deletiontypo3/sysext/core/Configuration/DefaultConfiguration.php
- typo3/sysext/core/Documentation/Changelog/master/Deprecation-90147-UnifiedFileNameValidator.rst 60 additions, 0 deletions...log/master/Deprecation-90147-UnifiedFileNameValidator.rst
- typo3/sysext/core/Tests/Unit/Resource/Security/FileNameValidatorTest.php 255 additions, 0 deletions...re/Tests/Unit/Resource/Security/FileNameValidatorTest.php
- typo3/sysext/core/Tests/Unit/Utility/GeneralUtilityTest.php 0 additions, 131 deletionstypo3/sysext/core/Tests/Unit/Utility/GeneralUtilityTest.php
- typo3/sysext/core/Tests/UnitDeprecated/Utility/GeneralUtilityTest.php 131 additions, 0 deletions.../core/Tests/UnitDeprecated/Utility/GeneralUtilityTest.php
- typo3/sysext/filelist/Classes/Controller/File/CreateFolderController.php 4 additions, 2 deletions...lelist/Classes/Controller/File/CreateFolderController.php
- typo3/sysext/form/Classes/Mvc/Property/TypeConverter/UploadedFileReferenceConverter.php 2 additions, 1 deletion...Property/TypeConverter/UploadedFileReferenceConverter.php
- typo3/sysext/impexp/Classes/Import.php 2 additions, 1 deletiontypo3/sysext/impexp/Classes/Import.php
- typo3/sysext/impexp/Classes/ImportExport.php 2 additions, 1 deletiontypo3/sysext/impexp/Classes/ImportExport.php
- typo3/sysext/install/Configuration/ExtensionScanner/Php/ConstantMatcher.php 10 additions, 0 deletions...ll/Configuration/ExtensionScanner/Php/ConstantMatcher.php
- typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodCallStaticMatcher.php 7 additions, 0 deletions...guration/ExtensionScanner/Php/MethodCallStaticMatcher.php
- typo3/sysext/recordlist/Classes/View/FolderUtilityRenderer.php 4 additions, 2 deletions.../sysext/recordlist/Classes/View/FolderUtilityRenderer.php
- typo3/sysext/reports/Classes/Report/Status/SecurityStatus.php 7 additions, 7 deletions...3/sysext/reports/Classes/Report/Status/SecurityStatus.php
Please register or sign in to comment