- Jul 10, 2023
-
-
Nicole Cordes authored
The GlobalEventHandler changes the location of the current (target) window. The location is set to a given destination without any ability to interrupt. The existing ConsumerScope API isn't used even if the current window is the ContentContainer. This patch extends the handling of a navigation action by checking its target window and using proper ContentContainer API to set the location. Therefore registered listener can deny a location change and trigger own functions. Resolves: #95474 Resolves: #100114 Releases: main, 12.4, 11.5 Change-Id: If6a3b1cc546e1f2ff0b8e9fed3f83055f3f55e49 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79922 Tested-by:
core-ci <typo3@b13.com> Tested-by:
Benjamin Franzke <ben@bnf.dev> Reviewed-by:
-
Benjamin Franzke authored
Since #94084 all module URLs are automatically framed by the TYPO3 main controller whenever they are opened in a Sec-Fetch-Dest aware request. (HTTPS or localhost domain) The intention of API is to allow module-links to be opened in a new tab by user intent – but due to technical limitation that feature is limited to secure contexts, and must therefore not be relied on as an API for internal redirects. sudo mode made use of this API and redirected via top.location to the privileged module, relying on the fact that iframe module-requests where detected to be loaded in the wrong context, to produce a redirect to the proper backend-frame, this didn't work for non HTTPS requests. This workaround has been done to remove "sudo-mode" from the URL bar. That workaround is no longer needed as #101287 added support for installtool URL bar synchronisation. ContentContainer API is now used to set the URL. Releases: main, 12.4 Resolves: #101288 Related: #101287 ...
-
Benjamin Franzke authored
Map backend URLs like /typo3/install.php?install%5Bcontroller%5D=settings to /typo3/module/tools/settings for display in the browsers URL bar. Resolves: #101287 Releases: main, 12.4 Change-Id: I5177146e28b01011f946c578804a8141fe9a371f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79920 Reviewed-by:
-
- Jul 07, 2023
-
-
Andreas Fernandez authored
flatpickr doesn't provide an easy possibility to set the today's date. To solve this issue, the plugin `shortcut-buttons-flatpickr` is added with a configuration for the today's date. Resolves: #100635 Releases: main, 12.4 Change-Id: I882f05ab4486d1b3073008cadb1d0275dd77c8ce Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79867 Reviewed-by:
-
Benjamin Kott authored
Resolves: #101276 Releases: main, 12.4 Change-Id: Ie9941076dc54fc3c123241cf51a50a19a9145ec6 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79866 Tested-by:
-
Benjamin Kott authored
With #10551 a pretty cool new feature was introduced which will show you information about the status of non versionable records in list module of TYPO3 backend. These messages are now only be displayed, if extension workspaces is activated. Resolves: #101282 Releases: main, 12.4 Change-Id: I428535a2e301fa38b639fed99d70c8052dfaa6fd Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79849 Tested-by:
Benjamin Kott <benjamin.kott@outlook.com> Reviewed-by:
Andreas Fernandez <a.fernandez@scripting-base.de> Tested-by:
-
Jochen Roth authored
A click on open/recently used documents the returnUrl was not set which led to a blank content frame when the close button on the record was clicked. This issue is fixed by adding the EditDocumentController's returnUrl to the OpenDocs payload and re-using it in the toolbar items. However, this will not work with already existing entries and a consistent behavior cannot be assured due to potentially (dis)allowed modules for each backend user. Resolves: #94214 Releases: main, 12.4 Change-Id: I29680172735a5c28c46268cd14b7e26dd0997cd9 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79862 Tested-by:
-
Riny van Tiggelen authored
In case mod.web_layout.allowInconsistentLanguageHandling is set, no warnings about inconsistent language usage should be displayed. This is now properly checked in ContentFetcher, which would otherwise add a warning message to the queue. Resolves: #99171 Releases: main, 12.4 Change-Id: If0f6cce36e5d35e0ec5ca3df865cc5736bb44005 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79853 Tested-by:
Benni Mack <benni@typo3.org> Reviewed-by:
-
- Jul 06, 2023
-
-
Benjamin Kott authored
The backend layout representation in the backend implements a table based layout. While the columns spanning was interpreted correctly, the definition of how wide a column is in the defined grid was missing, causing the cells to take up an unexpected amount of space. Resolves: #101041 Resolves: #100961 Related: #97306 Related: #94629 Releases: main, 12.4 Change-Id: I8ab426e0c6e136135bf1bcf6bcc0368f76d4f4b0 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79827 Tested-by:
-
Andreas Fernandez authored
In non-SVG trees, there are currently two icons representing the node's expansion state rendered that get toggled via CSS rules based on hard-coded aria attributes and icon identifiers, which is a bad practice. To solve this, a new web component `typo3-backend-tree-node-toggle` is added whose only responsibility is to render the correct icon based on its `aria-expanded` attribute Resolves: #100549 Releases: main, 12.4 Change-Id: I1a955731fc21da01a914b1ef721d7eb2d1e18ed5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79826 Tested-by:
-
Torben Hansen authored
The current backend password reset log message misses a `}` and logs the `user_id` if a password has been reset successfully. Logging the `user_id` is however not inline with other user related log messages, where always the `username` is logged. This patch streamlines the log message with other user related log messages by including the `username` instead of the `user_id`. Resolves: #99354 Releases: main, 12.4 Signed-off-by:
Torben Hansen <derhansen@gmail.com> Change-Id: If18d3b4cd1a76008f56f5433e8ff5d591898d2ad Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79824 Reviewed-by:
-
Oliver Bartsch authored
In case a user did not pass necessary multi-factor authentication, this is handled as a login failure. Therefore, a webhook is now triggered for this scenario, like done for login failures of the first factor (usually username / password), providing basic information about the user and the used MFA provider. Resolves: #101263 Related: #100129 Releases: main, 12.4 Change-Id: I56b79a74d291beb94d78bb42305dcfba86ecaa26 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79825 Tested-by:
Oliver Bartsch <bo@cedev.de> Tested-by:
-
Benjamin Franzke authored
Resolves: #101265 Releases: main, 12.4 Change-Id: Ia4b6e5f9cb9c17394e3d72e18d9664ccbaf53f85 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79823 Tested-by:
-
Oliver Bartsch authored
In case a user has MFA enabled, the same handling is now done as for users, not having MFA enabled. This is e.g. dispatching the AfterUserLoggedInEvent. Resolves: #99864 Resolves: #100128 Releases: main, 12.4 Change-Id: I1df7a23e2b1a1ae09ac3b0217364478155af6bca Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79807 Tested-by:
-
Oliver Bartsch authored
Since #94345 it's possible to omit the "event" identifier when configuring an event listener, since the service can be resolved using reflection. This however did until now not work when using union types. This patch therefore adjusts the corresponding compiler pass, making it possible to use the same method for listing on multiple events. Resolves: #101264 Related: #94345 Releases: main, 12.4 Change-Id: I5668269104515811d3c916c832942ef532bdfa27 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79821 Tested-by:
-
Oliver Bartsch authored
By dispatching a new PSR-14 Event on a failed multi-factor authentication attempt, it's now possible to consider such failed attempts in the "send email on failed login" functionality. The improved log message does now also use the correct "action" and "error" types, which allows further functionality, such as the corresponding dashboard widget, to make use of those information. Resolves: #100129 Releases: main, 12.4 Change-Id: I52047bc45dba124f050aa31640444ce4af12c4df Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79816 Reviewed-by:
-
Andreas Fernandez authored
The FormEngine validation now accepts "00:00 01-01-1970" as an entered date, which evaluates to int 0. If string 0 is passed, the field is supposed to be empty. Previously, a too simple negation check was in place. In the long run, the whole date validation handling needs a major rewrite to not rely on timestamps anymore. Resolves: #101258 Releases: main, 12.4 Change-Id: I90a976088e01c23443369eff76f4c6401463715e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79819 Tested-by:
-
Lukas Niestroj authored
Rephrase the error messages presented to the user after a failed attempt to create or update a version record in offline workspace without permissions. Further, disable all modification actions in the recordlist. Disabled buttons: edit, move, delete, copy, cut, new record, history. Resolves: #10551 Releases: main, 12.4 Change-Id: Ieada8032ca12b1b90b53ee700ed9a6ba55d55bd2 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79815 Tested-by:
-
Imko Schumacher authored
The TCA processing temporary converts native datetime inputs to timestamps for some checks. The start of the unix epoch (1970-01-01 00:00) corresponds to the 0 timestamp. Conditionally checks interpreted that as false, resulting the value to be the default value. This fix also prevents empty date values from being set to MySQL-specific values (0000-00-00 00:00:00). Resolves: #92900 Releases: main, 12.4 Change-Id: I979d59f4abe3dd73117a9e135a74ae3036192d9b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79812 Tested-by:
-
Georg Ringer authored
If a record is translated, the modal overlay is now closed. Resolves: #100833 Resolves: #100896 Resolves: #99936 Releases: main, 12.4 Change-Id: Ifd282c72c5df2c03920f3b7aba67976fdacf168d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79774 Tested-by:
-
- Jul 05, 2023
-
-
Benni Mack authored
When using TSconfig like this: mod.web_list.tableDisplayOrder.pages { after = tt_content } which creates a circular dependency with the original TSconfig, the list module does not crash anymore but shows a warning instead. Resolves: #98072 Releases: main, 12.4 Change-Id: Ifcc3890fc6283a8c4f20b8b959a41bec5108893c Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79750 Tested-by: -
jakotadesigngroup authored
Nullable time fields with value null (not set) are reset to 0 on update. This changes the value from not set to midnight. It is not so problematic for date fields as there reset value, for the time being, is null also. But this behavior is wrong anyway. Resolves: #99847 Releases: main, 12.4, 11.5 Change-Id: I080b6bb1ad00a025967d9626632ff71b8fb2193a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79748 Tested-by:
-
Oliver Hader authored
The backend login refresh dialog is now passing a request-token (which is required in `AbstractUserAuthentication`), which is fetched via AJAX before actually submitting the login credentials as well via AJAX. Resolves: #101209 Releases: main, 12.4 Change-Id: I0d3d8a927b7f02791d990eefb2faf98be8aa2efb Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79727 Tested-by:
Oliver Hader <oliver.hader@typo3.org> Tested-by:
-
Oliver Bartsch authored
Resolves: #101238 Releases: main, 12.4 Change-Id: I3ff0ea07c5b4121d3b585215b13b4834de7838b4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79735 Reviewed-by:
-
Benni Mack authored
When a link href is empty or invalid, TYPO3 now does not crash anymore. Resolves: #100958 Releases: main, 12.4 Change-Id: I768d43b72a3abd55af06cd9750ac8a400bc41d63 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79732 Reviewed-by:
-
Andreas Nedbal authored
Prepared nodes were not properly handled in the category element, causing the indetermination state recalculation to never trigger properly. Using the nodes from the nodes-prepared event fixes this issue. Resolves: #98689 Releases: main, 12.4, 11.5 Change-Id: I63f9618c596cdad343d4af8393120eabae3fdbd4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79688 Reviewed-by:
Andreas Nedbal <andy@pixelde.su> Tested-by:
-
- Jul 04, 2023
-
-
Christian Eßl authored
The new save notification currently lists all changes separately, when editing records in EditDocumentController. This leads to a huge notification box, when saving many records at once. The behaviour is now changed so that if more than 10 records were edited, a more generic message is shown instead: "x records have been successfully saved." Resolves: #100223 Releases: main, 12.4 Change-Id: Ic3db6a1937de8eb288a7ded0bce3e1a88f10cb1e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79686 Tested-by:
Annett Jähnichen <mcmietz@web.de> Reviewed-by:
-
Oliver Bartsch authored
Maintaining the "disallowed" list in TCA for type=file previously was only respected in the DataHandler but the restriction was not displayed neither in FormEngine nor in the FileBrowser. Additionally, the file extension filter did not restrict available files to select and the list was also not used by the DragUploader. All those places are now unified. Resolves: #101231 Releases: main, 12.4 Change-Id: Iab187e8d9787469016e2110306e35ae4192f6323 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79709 Reviewed-by:
-
Jochen Roth authored
This adds missing form engine inline language labels, used e.g. for the "unsaved changes" modal. Resolves: #98718 Releases: main, 12.4 Change-Id: Ifb8964bf40b8cc410cb46c36fc82c6d4572a05ce Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79685 Tested-by:
-
Andreas Nedbal authored
The hint when changing a slug previously was a combination of utility classes and with color changes in a recent Bootstrap version, it became barely readable. Resolves: #101222 Releases: main, 12.4 Change-Id: I594c995f23c99d81b0d5e2d619e63f811c36576a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79683 Tested-by:
-
Torben Hansen authored
With #100255 it has been ensured, that the translate ViewHelper uses the site language locale. For backend context, the locale is resolved from `$GLOBALS['BE_USER']->user['lang']`. In case of the backend login or password reset form , the evaluated preferred browser language is however not set to the global `BE_USER` object, when no user is logged in. As a result, some labels in the fluid views are always rendered in the default language. This change sets the preferred browser language to the `BE_USER` object in the backend login controller and the reset password controller, when no backend user is logged in, so label translation is now consistent again. Resolves: #101166 Related: #100255 Releases: main, 12.4 Signed-off-by:
-
Oliver Bartsch authored
Since #97330, a form engine elements label might not be represented by a <label> tag, but by using a <legend> tag. This patch now ensures that those elements are also correctly considered within form engine validation. Resolves: #101221 Related: #97330 Releases: main, 12.4 Change-Id: Iac4ef9b198bd7a7b8c75e53b83e45117be348c98 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79636 Reviewed-by:
-
- Jul 03, 2023
-
-
Andreas Fernandez authored
With the dismissal of jQuery and jQuery UI from the image manipulation component, the event handling for the trigger button ("Open Editor") got borked as the event state toggling previously done via `.off(...).on(...)` was replaced with using a `signal` as documented at [1]. The `AbortController` instance is only built when the modal has been fully shown, way after the event handling took place, breaking the module's global state. To solve this issue we removed the `AbortController` and its usages again. Also, `initializeTrigger()` now uses event delegation to register the event handler on the trigger buttons. As a drive-by fixes, the `active` state of the ratio buttons is now properly toggled, and the ratio title field is correctly updated by comparing with the scoped `ratioTitleWindow.HTMLElement` prototype. [1] https://developer.mozilla.org/en-US/docs/Web/API/EventTarget/addEventListener#add_an_abortable_listener Resolves: #101150 Resolves: #101199 Related: #100948 Releases: main, 12.4 Change-Id: I021c74bb67976468ebdc5226263c6441796bd65b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79632 Tested-by: -
Benni Mack authored
When editing in FormEngine the popup now has a larger size, corresponding to up-to-date displays and devices. Resolves: #99383 Releases: main, 12.4 Change-Id: I0638d42b0b4018aba1093cca5f816e91bf86e471 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79546 Tested-by:
Stefan Bürk <stefan@buerk.tech> Tested-by:
-
Benni Mack authored
The site language's configuration setting "hreflang" was deprecated with #99908, however, it still serves a valid purpose. If working with EXT:seo and the <link rel="alternate"> tags, it is still valid and possible to set a specific "hreflang" attribute. Example setups: * You have "German (Germany)" (which is using de-DE as locale) and "German (Austria)" (which is using de-AT as locale). here you want to set "de" as generic fallback in the "de-DE" locale when using hreflang attributes. * You want to explicitly set "x-default" for a specific language, which is clearly not a valid language key. This change does the following: * It re-adds the hreflang property to be managed by the UI, however it is empty by default and will fallback to the $locale->getName(). * It is not used within the <html lang="..."> attribute anymore as this was a mis-use in the first place (and now properly using just the language key, see https://www.w3.org/International/questions/qa-html-language-declarations.en.html#attributes * The method "SiteLanguage->getHrefLang()" is not deprecated anymore. * The RST is adapted accordingly Still, the relevant information is: The site language configuration option "hreflang" is not relevant anymore for regular websites without rendering hreflang tags, but is now customizable, and has a proper fallback. Resolves: #101160 Resolves: #95798 Related: #99908 Releases: main, 12.4 Change-Id: Ifc5b5b10ba46b4da4abd5c504d4d69f240f2fd02 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79545 Reviewed-by:
-
- Jun 29, 2023
-
-
Andreas Fernandez authored
The fix for #100750 aimed to apply `array_unique()` to the array containing page ids used as webmounts for the backend search. Unfortunately, the call was done only for the storage in the runtime cache with the side effect that still the full array with possible duplications is returned on first invocation. The affected `array_unique()` call is now extracted into a separate line right before storing the resulting array to cache, which results in returning the same, unified array. Resolves: #101200 Related: #100750 Releases: main, 12.4, 11.5 Change-Id: Idbe6f1639ec84737ab151d5ab2d18739736e2327 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79534 Reviewed-by:
-
Oliver Hader authored
The CSP backend module is not showing the optional source-file of the reported violation. This information references to the actual asset that caused the violation. In addition, visualizing the user-agent helps to identifiy and reproduce possible flaws. In case, `effective-directive` (preferred W3C property) is not given, but `violated-directive` (legacy W3C property) is, that value is taken - this still can happen in old browser versions. Resolves: #100912 Releases: main, 12.4 Change-Id: Idf9482d234292a15a4114c474ddb2b5316d21a87 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79562 Tested-by:
-
- Jun 27, 2023
-
-
Christian Kuhn authored
A single FormEngine element (created by "element" classes that typically extend AbstractFormElement) takes care of the "inner" HTML of an element. The surrounding "outer" HTML like embedding elements in palettes is created by "container" classes. Also, <label> tags for single elements are created by container classes, namely PaletteAndSingleContainer and FlexFormElementContainer. The situation having <label> done by a container and the inner HTML done by elements has drawbacks: First, "label" tags should have a "for" attribute, to connect it with input fields having "id" attribute. This is one of the accessibility "must haves". Separating label and fields in different classes does not allow doing this. Secondly, not all elements have such input or select tags at all. In those cases, the label is not a label, but should be a legend embedded in a fieldset. The patch moves the existing label tag generation from container classes to element classes: Only elem...
-
- Jun 26, 2023
-
-
Jasmina Ließmann authored
In order to ensure the readability of the progress bar, the previous content has been split up. Only the percentages are now displayed in the progress bar. Information about which installation step the user is currently at is now displayed above the progress bar. In addition, an undefined variable and icon were removed and the form buttons of the first step are now aligned in a row. Resolves: #100987 Releases: main, 12.4 Change-Id: Idc43d11a5f4b9988c51cf97482dee1f48d8e21b5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79425 Tested-by:
Jasmina Ließmann <minapokhalo+typo3@gmail.com> Tested-by:
-
- Jun 22, 2023
-
-
Christian Kuhn authored
As a pre-patch to resolve #97330, we simplify the code flow in PaletteAndSingleContainer by avoiding the fieldSetWrap() method and inlining it in a simplified form to the calling methods. This makes the purpose more clear and allows detail changes to the generated HTML depending on generated palettes. This is just a code-flow cleanup that does not influence generated HTML. Resolves: #101155 Related: #97330 Releases: main, 12.4 Change-Id: Ibe13f2496d1e3df661b3049490d0a42d26329a30 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79487 Tested-by:
Christian Kuhn <lolli@schwarzbu.ch> Tested-by:
-
