- Apr 21, 2023
-
-
Christian Kuhn authored
v11 has "^1.4". For v12, we first removed it entirely, and brought doctrine/instantiator back as "^2.0" in #100207. The "^2.0" restriction is a bit harsh, not all other libraries caught up on this relatively young new major. To play well with others, we change doctrine/instantiator to "^1.5 || ^2.0", the changes betwen 1.5 and 2.0 [1] are mainly type sugar that is not critical to us. The ^1.5 minor restriction shouldn't be an issue for "sane" other libraries which tend to go with something like "^1.0", or "^1.3", or similar. > composer req doctrine/instantiator:"^1.5 || ^2.0" > composer req --no-update doctrine/instantiator:"^1.5 || ^2.0" -d typo3/sysext/extbase [1] https://github.com/doctrine/instantiator/compare/1.5.0...2.0.0 Resolves: #100630 Related: #100207 Releases: main Change-Id: I9b4de7b57a89a6db65e4fb9154196b3790c50104 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78779 Reviewed-by:
Jörg Bösche <typo3@joergboesche.de> Tested-b...
-
Markus Klein authored
Whenever a scheduler task fails during execution via CLI `scheduler:run`, the error message is now always written to stderr. This gives the task executor (e.g. cron) a chance to identify any failures, if even stdout is redirected to /dev/null. The task-loop is adapted to avoid (ab)using exceptions for control-flow (for loop-abortion). It instead now uses nullables to signal that not finding a next-task is expected behavior, not an exception. Also the exit code of the command is adapted to switch to 1 in case at least one error occured. (This is important in case the cronjob is executed as systemd-timer) Resolves: #87806 Releases: main, 11.5 Change-Id: I0b55bab7fcd916209114d9e3e07f54c7243ce9a5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77936 Reviewed-by:
Stephan Großberndt <stephan.grossberndt@typo3.org> Reviewed-by:
Markus Klein <markus.klein@typo3.org> Tested-by:
Benjamin Franzke <benjaminfranzke@gmail.com> Tested-by:
Christian Kuhn <lolli@schwarzbu.ch> Tested-by:
core-ci <typo3@b13.com> Reviewed-by:
Christoph Lehmann <christoph.lehmann@networkteam.com> Reviewed-by:
-
Benni Mack authored
Resolves: #100183 Releases: main Change-Id: I4aa8d6f35046cbd77ad67a6c44a6f6f38f7b4ea5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78778 Tested-by:
Georg Ringer <georg.ringer@gmail.com> Reviewed-by:
Oliver Klee <typo3-coding@oliverklee.de> Tested-by:
-
- Apr 20, 2023
-
-
Christoph Lehmann authored
With the Bugfix #100188 an integer is compared type-safe with a string: $page['uid'] ?? false) !== $linkDetails['pageuid'] This makes sure * $linkDetails['pageuid'] is an integer if possible * The tests use assertSame instead assertEqual for type safe comparison Resolves: #100329 Releases: main Change-Id: I26cfc56cf1d028e8794f659c8016ae6f860a56d3 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78282 Tested-by:
Benni Mack <benni@typo3.org> Reviewed-by:
-
Oliver Hader authored
The behavior of `EqualityInterface` has to be applied when comparing instances that implement this interface to find duplicates in a `SourceCollection`. For instance two instances of `UriValue`, that have the same URI value could not be handled correctly - either there are duplicates, or values cannot be removed from a collection. Resolves: #100621 Releases: main Change-Id: I48e6d1d9006260065fee812d648274e0fbbf2d75 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78712 Reviewed-by:
Oliver Hader <oliver.hader@typo3.org> Tested-by:
Chris Müller <typo3@krue.ml> Tested-by:
-
Christian Kuhn authored
Last round of dependency bumps raise min versions. There is little reason to allow lower verisons for those not-too-common ones with first LTS realease, so we declare them as minimum. We skip enshrined/svg-sanitize due to it's broken sec release, though. firebase/php-jwt: new features, no reasons to stay low guzzlehttp/guzzle: improved version constraints nikic/php-parser: PHP fixes, no reason to stay low phpdocumentor/type-resolver: minor raise, internal rewrite, have it to find issues early typo3fluid/fluid: minor bump, no reason to stay low > composer req firebase/php-jwt:^6.4.0 > composer req --no-update firebase/php-jwt:^6.4.0 -d typo3/sysext/core > composer req guzzlehttp/guzzle:^7.5.1 > composer req --no-update guzzlehttp/guzzle:^7.5.1 -d typo3/sysext/core > composer req nikic/php-parser:^4.15.4 > composer req --no-update nikic/php-parser:^4.15.4 -d typo3/sysext/install > composer req phpdocumentor/type-resolver:^1.7.1 > composer req... -
Christian Kuhn authored
> composer req --dev composer/composer:^2.5.5 > composer u codeception/lib-web > composer req --dev phpunit/phpunit:^10.1.1 -w > composer u typo3/cms-styleguide > composer u typo3/testing-framework > composer req --dev phpstan/phpstan:^1.10.14 > composer req --dev sokil/php-isocodes-db-i18n:^4.0.12 > composer u composer/ca-bundle > composer u psy/psysh > composer u dasprid/enum Resolves: #100692 Releases: main Change-Id: I4a682380dd859a02f7a97646c0e9c8d1b76a7db6 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78775 Tested-by:
Stefan Bürk <stefan@buerk.tech> Reviewed-by:
Anja Leichsenring <aleichsenring@ab-softlab.de> Reviewed-by:
-
Oliver Klee authored
Also add casts to callers that are not type-safe (yet). Also convert one call to use a first-class callable to improve static analysis. Resolves: #100686 Releases: main Change-Id: I0193a10238b9296c570268355480316e8ddfa4db Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78772 Reviewed-by:
Oliver Bartsch <bo@cedev.de> Tested-by:
-
Oliver Klee authored
This class has a human-readable comment marking it internal. Now it also has the corresponding PHPDoc annotation so IDEs can recognize the class as being internal, too, so that developers using the class can see a warning in their IDEs. Resolves: #100690 Releases: main Change-Id: Id9b7e3b52829a36af796801c3723541f83b0213c Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78774 Reviewed-by:
-
Oliver Bartsch authored
In case a file is still indexed but missing on the driver, searching for the file in the filelist module previously led to an exception. This is now fixed by checking whether the file is missing before fetching its parent folder, which is used to generate the full file path. Resolves: #100689 Releases: main Change-Id: I3ea5ec09be366c911dbf5e8217d4818e708c5c82 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78773 Reviewed-by:
Jochen <rothjochen@gmail.com> Tested-by:
-
Christoph Lehmann authored
With this Exceptions on CLI are not caught by \Symfony\Component\Console\Application anymore and handled by TYPO3's SYS/productionExceptionHandler or SYS/debugExceptionHandler. Resolves: #99912 Releases: main Change-Id: I93c43ca88b722088f2d516722c0618225ef0691d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77816 Reviewed-by:
-
Jasmina Ließmann authored
The arrangement of the input field and button in the search field of the file list now corresponds to the display in other modules. Resolves: #100674 Releases: main Change-Id: I83b93c7423b4fe96966c2b30d807afdec8592100 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78758 Tested-by:
-
Christian Kuhn authored
Casual raise of all symfony dependencies in composer.lock, relevant for legacy packaging. > composer u symfony/console symfony/dependency-injection \ symfony/http-foundation symfony/mailer \ symfony/messenger symfony/property-access \ symfony/property-info symfony/routing \ symfony/translation symfony/var-dumper \ symfony/cache symfony/event-dispatcher \ symfony/process symfony/string \ symfony/var-exporter Resolves: #100687 Releases: main Change-Id: I32b1b6cd47fd3436cd654db5415f580910fa32ce Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78770 Tested-by: -
Benjamin Kott authored
Resolves: #100684 Releases: main Change-Id: I209e45f3a486f4d42c8ce8b781d5d5e56ac51350 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78767 Reviewed-by:
Andreas Fernandez <a.fernandez@scripting-base.de> Tested-by:
-
Christian Kuhn authored
We should strive for current dependency versions with upcoming 12.4.0 LTS. psr/http-message has recently been released as 1.1.0 and 2.0.0, which we should support. According to [1], having ^1.1 as lower bound is encouraged to have ^2.0. All our implementations are @internal, dropping 1.0 shouldn't be a huge burden, and other dependencies like guzzle adapted as well already. The patch bumps a couple of psr dependencies to allow ^2.0, raises guzzlehttp/psr7 to a minimum version that supports ^1.1 and ^2.0, and sets psr/http-message to ^1.1 || ^2.0. Our implementations are adapted, allowing us to be much more strict on types. One unfortunate "nullable" Uri is left, but this could be sorted out with a dedicated patch since it has impact on quite a few test cases. [1] https://www.php-fig.org/psr/psr-7/meta/#72-type-additions > composer u psr/http-client \ psr/http-factory \ psr/http-server-handler \ psr/http-server-middleware > composer req guzzlehttp/psr7:^2.5.0 > composer req --no-update guzzlehttp/psr7:"^2.5.0" -d typo3/sysext/core > composer req psr/http-message:"^1.1 || ^2.0" > composer req --no-update psr/http-message:"^1.1 || ^2.0" -d typo3/sysext/adminpanel > composer req --no-update psr/http-message:"^1.1 || ^2.0" -d typo3/sysext/core > composer req --no-update psr/http-message:"^1.1 || ^2.0" -d typo3/sysext/form > composer req --no-update psr/http-message:"^1.1 || ^2.0" -d typo3/sysext/redirects Resolves: #100682 Releases: main Change-Id: I98bb4031a681fe65827e282e0af059af66863873 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78763 Tested-by:
-
Andreas Fernandez authored
This patch updates most development dependencies to the most recent semver version, leaving out `@types/*` for now. Due to removed deprecations in jasmine, empty test bodies were removed in `form-engine-validation-test.ts`. Executed command: npm install --save-dev \ es-module-lexer@^1.2.1 \ eslint-plugin-lit@^1.8.3 \ eslint@^8.38.0 \ filesize@^10.0.7 \ grunt-eslint@^24.0.1 \ grunt@^1.6.1 \ jasmine-core@^4.6.0 \ lintspaces-cli@^0.8.0 \ patch-package@^6.5.1 \ postcss-banner@^4.0.1 \ postcss-clean@^1.2.2 \ sass@^1.62.0 \ sharp@^0.32.0 \ stylelint-scss@^4.6.0 \ terser@^5.17.1 \ typescript@~5.0.4 Resolves: #100685 Releases: main Change-Id: I953b2fdf1107039756cda2ca87f3272c7ddb4d27 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78768 Tested-by: -
Andreas Fernandez authored
The dimensions available in `CropperEvent` are fractions in some cases, that probably happens when an image gets upscaled. This causes issues as those dimensions are apparently adjusted downward in the cropper library, resulting in dimension reduced by 1px. To solve this issue, `Math.ceil()` is applied to round up incoming dimensions. Resolves: #96722 Releases: main, 11.5 Change-Id: I537bccd32a634805a37957bea59ec51e5e856272 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78717 Tested-by:
-
Anja Leichsenring authored
After removal of getLL usages, no globally loaded label files are necessary anymore and therefor removed. The remaining occurrences are there either for backward compatibility in extensions or need a deeper look due to dynamically loaded language files. Resolves: #100676 Releases: main Change-Id: I227786a1810474ad91be2fe17ae20a6719d6b37a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78760 Reviewed-by:
-
Benjamin Kott authored
Resolves: #100681 Releases: main Change-Id: I73d44e804866f07ee97dca0cf69fcb9d5888e85f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78765 Tested-by:
Frank Nägler <frank.naegler@typo3.com> Tested-by:
-
Andreas Fernandez authored
ckeditor5 was released in version 37.1 lately, being fully written in TypeScript. Thanks to this, several `@types/*` packages can be removed. However, due to how the "link" plugin is overriden, some `@ts-ignore` statements have to be used for now. Executed commands: npm uninstall \ @types/ckeditor__ckeditor5-alignment \ @types/ckeditor__ckeditor5-autoformat \ @types/ckeditor__ckeditor5-basic-styles \ @types/ckeditor__ckeditor5-block-quote \ @types/ckeditor__ckeditor5-clipboard \ @types/ckeditor__ckeditor5-code-block \ @types/ckeditor__ckeditor5-core \ @types/ckeditor__ckeditor5-editor-classic \ @types/ckeditor__ckeditor5-engine \ @types/ckeditor__ckeditor5-essentials \ @types/ckeditor__ckeditor5-find-and-replace \ @types/ckeditor__ckeditor5-heading \ @types/ckeditor__ckeditor5-horizontal-line \ @types/ckeditor__ckeditor5-html-support \ @types/ckeditor__ckeditor5-indent \ @types/ckeditor__ckeditor5-link \ @types/ckeditor__ckeditor5-list \ @types/ckeditor__ckeditor5-paste-from-office \ @types/ckeditor__ckeditor5-remove-format \ @types/ckeditor__ckeditor5-source-editing \ @types/ckeditor__ckeditor5-special-characters \ @types/ckeditor__ckeditor5-table \ @types/ckeditor__ckeditor5-ui \ @types/ckeditor__ckeditor5-undo \ @types/ckeditor__ckeditor5-utils \ @types/ckeditor__ckeditor5-word-count npm i --save \ @ckeditor/ckeditor5-alignment@^37.1.0 \ @ckeditor/ckeditor5-autoformat@^37.1.0 \ @ckeditor/ckeditor5-basic-styles@^37.1.0 \ @ckeditor/ckeditor5-block-quote@^37.1.0 \ @ckeditor/ckeditor5-clipboard@^37.1.0 \ @ckeditor/ckeditor5-code-block@^37.1.0 \ @ckeditor/ckeditor5-core@^37.1.0 \ @ckeditor/ckeditor5-dev-utils@^37.0.1 \ @ckeditor/ckeditor5-editor-classic@^37.1.0 \ @ckeditor/ckeditor5-engine@^37.1.0 \ @ckeditor/ckeditor5-essentials@^37.1.0 \ @ckeditor/ckeditor5-find-and-replace@^37.1.0 \ @ckeditor/ckeditor5-heading@^37.1.0 \ @ckeditor/ckeditor5-horizontal-line@^37.1.0 \ @ckeditor/ckeditor5-html-support@^37.1.0 \ @ckeditor/ckeditor5-indent@^37.1.0 \ @ckeditor/ckeditor5-link@^37.1.0 \ @ckeditor/ckeditor5-list@^37.1.0 \ @ckeditor/ckeditor5-paragraph@^37.1.0 \ @ckeditor/ckeditor5-paste-from-office@^37.1.0 \ @ckeditor/ckeditor5-remove-format@^37.1.0 \ @ckeditor/ckeditor5-source-editing@^37.1.0 \ @ckeditor/ckeditor5-special-characters@^37.1.0 \ @ckeditor/ckeditor5-style@^37.1.0 \ @ckeditor/ckeditor5-table@^37.1.0 \ @ckeditor/ckeditor5-theme-lark@^37.1.0 \ @ckeditor/ckeditor5-ui@^37.1.0 \ @ckeditor/ckeditor5-undo@^37.1.0 \ @ckeditor/ckeditor5-utils@^37.1.0 \ @ckeditor/ckeditor5-word-count@^37.1.0 \ @typescript-eslint/eslint-plugin@^5.59.0 \ @typescript-eslint/parser@^5.59.0 \ @typescript-eslint/typescript-estree@^5.59.0 Resolves: #100666 Releases: main Change-Id: Ie4ea7b3dcd22a7081e5551cbd0502ea7920858f5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78752 Tested-by: -
Oliver Hader authored
Resolves: #100667 Related: #100140 Releases: main Change-Id: I1152d404322b060947eedffaf19b449613956a51 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78753 Reviewed-by:
-
Benjamin Kott authored
Resolves: #100680 Releases: main Change-Id: Ie50a15a6025e37f2b938d1157d8865df1af54e7f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78764 Tested-by:
-
Benjamin Kott authored
General spacings have been streamlined that are most relevant for CSS declarations that add `margin-bottom` to ensure there is space available to the next element. Headlines h1, h2, and h3 will not add additional space to the top if they are used in a document flow and are not the first element, and have no classes assigned. This provides a visual divider when a new content section is opened while keeping existing styles untouched. There are edge cases where it can be necessary to add the space manually because some additional necessary nesting is in place. For this case, the class `.headline-spaced` was introduced. This class is limited to h1, h2, and h3 and should be used with care. The code styling for <pre> and <code> has been adjusted when `[class*="language-"]` is matching. While we have no automatic syntax highlighting for this kind of area yet, this indicates that a user wants to highlight a section of code. Dropping row and col implementations for inline forms. We are introducing `.form-row` and respective variants to different viewports `.form-row-*` to have more control over spacing for inline forms. Each input element will consume the necessary space it needs and wrap if not enough space is available. The spacing for clearable elements is now applied to `.form-control-clearable`. This allows the spacing adjustments to be present before the JavaScript is invoked. The class will be added through js if not already present on the element. This avoids additional layout shifts. Resolves: #100663 Releases: main Change-Id: If9757d9dc04d9dca83cb1e89c5bbced1b20b5850 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78682 Tested-by:
-
Oliver Hader authored
The protected properties `$inlineJavascriptWrap` and `$inlineCssWrap` of the class `\TYPO3\CMS\Core\Page\PageRenderer` have been deprecated. The new methods `wrapInlineScript()` and `wrapInlineStyle()` have to be used instead (which also provide special handling for XHTML or non-HTML5 content rendering). Resolves: #100614 Releases: main Change-Id: I11b3624ee933fba411a48d8222d2760f090323a9 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78658 Tested-by:
-
Anja Leichsenring authored
Using sL() instead of getLL() shows direct dependencies on labels and their label files within the code. This change replaces all usages in * backend * linkValidator * rte_ckeditor with sL() calls. Resolves: #100675 Relates: #100668 Releases: main Change-Id: I76b030263987951f232caf50e7d2cd6526480215 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78759 Tested-by:
-
Christian Kuhn authored
It is possible to prepare FormEngine towards proper dependency injection with a relatively small patch, including good compatibility for extensions with v11 & v12 and upwards compatibility with v12 & v13. With TYPO3 v13, we can adapt own uses and leverage the full power of DI. Resolves: #100670 Related: #100581 Releases: main Change-Id: I4cd223a7993386f2e1393ef7982530d98a9932c4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78729 Reviewed-by:
-
Chris Müller authored
Resolves: #100672 Related: #100563 Related: #100586 Releases: main Change-Id: Ifda318b1e86232b040d8d84d58dcc7ea47fcd709 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78756 Tested-by:
-
Christian Kuhn authored
Let's raise some dependencies to start green with LTS. Minor bump for this --dev dep: > composer req --dev friendsofphp/php-cs-fixer:^3.16.0 > Build/Scripts/runTests.sh -s cgl Resolves: #100677 Releases: main Change-Id: I37e2bfe3784876ed8f570c96454749643da55afb Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78761 Tested-by:
-
Torben Hansen authored
This change removes several unused imports, which are not detected by php-cs-fixer, since the NoUnusedImportsFixer does not ignore references used in php doc comments. Resolves: #100673 Releases: main Signed-off-by:
Torben Hansen <derhansen@gmail.com> Change-Id: Ibab8cf846eba748ea08b3254415921fd268a2021 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78757 Reviewed-by:
-
Benni Mack authored
Using sL() instead of getLL() shows direct dependencies on labels and their label files within the code. This change replaces all usages in * extensionmanager * form * impexp * install * reports * setup * filelist with sL() calls. Resolves: #100668 Releases: main Change-Id: Ic3cb1e307c9312a2fc2e0b21b3149c4baddebfe3 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78755 Tested-by:
-
- Apr 19, 2023
-
-
Christian Kuhn authored
The extbase ConfigurationManager logic is still painful. It is a stateful singleton, which we can not dissolve at the moment. To reduce headaches, we now deprecate the getContentObject() misuse, a solution avoiding this has been established with #100623. This allows us to streamline the implementation with TYPO3 v13 quite a bit, making it less of a burden. The patch deprecates the method and introduces a setRequest() method instead. Extbase bootstrap takes care of setting this for each plugin. We don't get rid of the singleton state, but since we don't add a public getRequest(), it makes ConfigurationManager a data sink only for this state, which can not be abused anymore. This also allows us to get rid of $GLOBALS['TYPO3_REQUEST'] usages within ConfigurationManager in TYPO3 v13. Resolves: #100662 Related: #100623 Releases: main Change-Id: I419b5008d80b6545c5fe55067af6031845978680 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78731 Tested-by:
-
Benni Mack authored
Previously, TYPO3 manually had lists of labels for languages (primarily used to select a user's language for the TYPO3 Backend interface). Similar to the Country API, the list of official languages are now fetched from a debian repository, which provides a list of official language keys and their labels so translators do not need to update this static list, and developers do not need to add a label when a new language is added. A list of two-letter code language keys in addition to three-letter code language keys are now available and can slowly be used to be supported instead of the TYPO3 core list. Previous "pseudo-classes" such as IsoCodeService and their respective XLF files are removed. Code in be_users.lang itemsProcFunc and SetupModuleController can then be simplified. Resolves: #100659 Releases: main Change-Id: I26dcf24d496856e5a2a2c9c0b27193be724d7df1 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77503 Reviewed-by: Mar...
-
Oliver Bartsch authored
Since modules can have aliases it's necessary to always use the ModuleProvider API for checking the module access permissions of a backend user. Resolves: #100656 Releases: main Change-Id: I73f1305e3b1a5422d10a89f167b836b1867d8a54 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78725 Reviewed-by:
-
- Apr 18, 2023
-
-
Benni Mack authored
In the site configuration, the value is called "flag", whereas in TypoScript or in the SiteLanguage object, it is called "flagIdentifier" which is longer, but technically more correct. This change now also allows to use page.10 = TEXT page.10.data = siteLanguage:flag instead of page.10 = TEXT page.10.data = siteLanguage:flagIdentifier to avoid confusion for integrators. Resolves: #94347 Releases: main, 11.5 Change-Id: Ie15614bd7ec7d7461fbecc4cc791314bda2c236f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78641 Tested-by:
-
Torben Hansen authored
The redirect evaluation is currently always processed no matter if a `redirectMode` based on the referer is configured or not. Also, given referers are checked for validity using `RedirectUrlValidator`, which logs a message in the TYPO3 log with the log level `warning` if the given URL is considered as invalid. This patch adds a check to the referer evaluation, so it is only processed, if a redirect mode supporting the referer is active. Additionally, the log level for invalid redirect URLs in `RedirectUrlValidator` is changed to `debug`, since a warning is not appropriate for invalid redirect URLs. Resolves: #100197 Releases: main, 11.5 Signed-off-by:
Thomas Hohn <tho@gyldendal.dk>
-
Helmut Hummel authored
Extbase ConfigurationManager as stateful singleton object is updated within extbase bootstrap for each plugin call. This is ugly, but since ConfigurationManager can be injected to other extbase services, which can be injected itself, it is very hard to get rid of. However, ConfigurationManager is also abused to "park" the current ContentObjectRenderer instance in this "convenient" singleton. The current content object renderer instance can then be retrieved at extbase runtime using getContentObject(). The form extension uses this at a couple of places to move the ContentObjectRenderer data around. The ConfigurationManager should however not be a source of such data, and our main "state" object in the framework is the request (which ConfigurationManager needs as well, but that's a different patch). To allow a deprecation of getContentObject() in ConfigurationManager, the patch changes the codebase to attach the current content object as request attribute instead. This is a bit fiddly as well since ContentObjectRenderer can be recursive (cObj rendering other cObj again), but the change at least makes this state more obvious, and we're pretty confident the situation will further relax and become more transparent with continued ContentObjectRenderer refactorings. Some of these have been prepared in v12 already and we'll see more on this with v13. The patch does the main refactoring, deprecating getContentObject() will follow with another patch. The patch does not add the attribute at all places where ContentObjectRenderer instances are created, more may follow later. The main goal of this patch is to create the main infrastructure and to not break the form extension. Resolves: #100623 Releases: main Change-Id: I3de7f53244c0b438ef54940d87a169068f1a832e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77252 Tested-by:
-
Torben Hansen authored
The feature toggle `security.usePasswordPolicyForFrontendUsers` introduced in #97390 was added to allow TYPO3 administrators to still use the deprecated TypoScript validators in ext:felogin for the password reset process. In order to have a consistent setup, the feature toggle must also be respected for frontend users in DataHandler and FormEngine, so it is possible to set any password, if the feature is turned off. With this patch, a possible configured password policy for frontend context (fe_users table) is ignored, if `security.usePasswordPolicyForFrontendUsers` is set to `false`. Resolves: #100300 Releases: main Signed-off-by:
-
Andreas Fernandez authored
The UserTS options `createFoldersInEB` and `folderTree.hideCreateFolder` were used in the past to control the existence of the "Create folder" form in Element Browser instances. With the migration of the "Create folder" view into a separate modal used in EXT:filelist, which is based on Element Browser as well, those options became useless and are therefore dropped. Resolves: #100658 Releases: main Change-Id: I100dceeffa262db8f7211bb9678d3162b2b16677 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78728 Tested-by:
-
Benni Mack authored
Because RTE was not always possible in all browsers in TYPO3 v3.x, a flag to deactivate the RTE (for Netsacpe users) was added. Since then, HTMLarea and now CKEditor4 (or with v12: CKEditor 5) work properly across all browsers and the setting has no effect anymore, is therefore removed from the UI. Resolves: #100634 Releases: main Change-Id: Iff80f250b2db05394f48ee2b303583cfbf193746 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78681 Reviewed-by:
-
Andreas Fernandez authored
The method `DebugUtility::debugInPopUpWindow()` renders a modal with a debug dump, if applicable. The content will always contain markup, which is rendered as plain text in the modal, was intended by the modal component. To have the dump correctly rendered, the markup is passed as a fragment to the modal component. Resolves: #100652 Releases: main Change-Id: I1cd1a97a5cd794e941f1a5830d8fd0cd97d8b1cb Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78718 Tested-by:
-
