- May 26, 2023
-
-
Nikita Hovratov authored
This is a preparation patch for a guzzlehttp/guzzle and guzzlehttp/promises raise. Resolves: #100918 Releases: main, 12.4, 11.5 Change-Id: I9a2731ade87de8f54b2e3c0e375dde1609e35e2a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79122 Tested-by:
Nikita Hovratov <nikita.h@live.de> Reviewed-by:
core-ci <typo3@b13.com>
-
Harald Witt authored
Typo3DbQueryParser ignored records with no child records in some cases. This is mitigated by adding a correct WHERE condition for the match-field/parent evaluation. This effects TCA relations with MM_match_fields, foreign_match_fields or foreign_table_field. Resolves: #93337 Releases: main, 12.4, 11.5 Change-Id: Id4804ccb93252be32666ba74aa7c03dab25e6a92 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79145 Tested-by:
Georg Ringer <georg.ringer@gmail.com> Reviewed-by:
-
- May 24, 2023
-
-
Ronny Perinke authored
* PHP exceptions were logged with level "info" in the `sys_log` table * PHP errors were logged with wrong (numeric) error level in the `sys_log` table Only values from `\Psr\Log\LogLevel` are allowed and usable. Numeric values can not be used or filtered in BeLog backend module. Releases: main, 12.4, 11.5 Resolves: #100830 Change-Id: Ie35fe291ac74edd4173e096b8d12609d32c45e02 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79116 Tested-by:
Anja Leichsenring <aleichsenring@ab-softlab.de> Reviewed-by:
-
- May 23, 2023
-
-
Stefan Froemken authored
The Fluid ViewHelper `f:uri.page` will now cast argument `pageType` to int before using it. Resolves: #100845 Releases: main, 12.4, 11.5 Change-Id: Ifbda5befa0757975c20411bfac2549a3affab9bf Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79132 Tested-by:
-
- May 19, 2023
-
-
Nikita Hovratov authored
This is an edge-case, where `config.index_enable = 1` is set, but the static TypoScript from indexed_search is not included and thus `config.index_externals` is undefined. Resolves: #100888 Releases: main, 12.4, 11.5 Change-Id: I0b9fa04970812ca82edc4d223cd57e59e3a2ed83 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79070 Tested-by:
-
- May 16, 2023
-
-
Chris Müller authored
Resolves: #100883 Releases: main, 12.4, 11.5 Change-Id: I89f566a1bdf45f214a175cd389ef143c6334cda3 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79056 Tested-by:
Oliver Klee <typo3-coding@oliverklee.de> Reviewed-by:
-
- May 15, 2023
-
-
Markus Klein authored
Fix some left-over places where an int-cast is possibly necessary to avoid PHP warnings. Resolves: #100866 Releases: main, 12.4, 11.5 Change-Id: If9111e0c2e2de8c90a94202cf518abdbe8c987fb Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79036 Tested-by:
Stefan Bürk <stefan@buerk.tech> Tested-by:
-
Oliver Hader authored
Issue #93884 provided and adjusted CSP header for SVG inline styles: | default-src 'self'; script-src 'none'; | style-src 'unsafe-inline'; object-src 'none'; For SVG files, having 'unsafe-inline' for style-src is fine, since it only applies to the very same file and cannot include other local or remote resources. Resolves: #100041 Releases: main, 12.4, 11.5 Change-Id: I198e0a8225ef6c0e729a3ae78981581b2d2b2205 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/79033 Tested-by:
Oliver Hader <oliver.hader@typo3.org> Tested-by:
-
- May 09, 2023
-
-
Benni Mack authored
Change-Id: Ieecc273236bdbf857b543fbe9932cc9b3e5e352b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78999 Tested-by:
Benni Mack <benni@typo3.org> Tested-by:
-
Benni Mack authored
Change-Id: I558ff721e36d73c28ff8e5849f6fb59d1d50311d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78998 Tested-by:
-
Georg Ringer authored
Use an empty string instead of null as default value for username and password to avoid warnings with PHP8. Resolves: #100739 Releases: main, 12.4, 11.5 Change-Id: Ie06431f27cab919a7df8467f1b5711d7b2b42291 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78997 Reviewed-by:
-
Georg Ringer authored
Resolves: #100824 Relates: #100739 Releases: main, 12.4, 11.5 Change-Id: I91bf93adbf390e84beda871c399f4785a83d8571 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78993 Tested-by:
-
- May 08, 2023
-
-
Nikita Hovratov authored
Resolves: #82481 Releases: main, 12.4, 11.5 Change-Id: Ieffc20f64cac7b546e20964e5f0deeab6e523771 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78966 Tested-by:
-
- May 05, 2023
-
-
Oliver Bartsch authored
In case a site is missing a proper site configuration - having no default language a fallback SiteLanguage object is used in the page module. This fallback however does provide an empty string as flag identifier, which does no longer result in a broken icon. Resolves: #100799 Releases: main, 12.4, 11.5 Change-Id: I23f3d9347d2ea8a63520086054b9fa842a9f5cfd Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78945 Reviewed-by:
-
- May 03, 2023
-
-
Georg Ringer authored
The mime type 'audio/x-wav' must be added to the AudioTagRenderer to render those files as audio file. Resolves: #100138 Releases: main, 11.5 Change-Id: Icce1698f2de725161fc5add2b711a8b764ee6c59 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78894 Tested-by:
-
- May 02, 2023
-
-
Helmut Hummel authored
When defining a default value in column overrides e.g. for tt_content TCA field sys_language_uid this value from TCA will override the value that will be set via the page module when adding a content element for a different language, because the change introduced in #86876 does not respect default values that are set via defVals (which are passed to form engine as defaultValues) A check if such values are set is now added, so that the fix for #86876 will still work, but default values set via editing forms are also respected Resolves: #99381 Releases: main, 11.5 Change-Id: Ib4270665b396bbe520afb21a7f145d0d549305ac Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78893 Tested-by:
Oliver Bartsch <bo@cedev.de> Reviewed-by:
-
Oliver Bartsch authored
Properly check for the given value being an object before passing it to corresponding method, which is type-hinted since #100068. Resolves: #100774 Related: #100068 Releases: main, 11.5 Change-Id: I704ef93ebbbfd1f161bf56dd7ef0058bd2b4875d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78918 Tested-by:
-
Oliver Klee authored
This helps static analysis of projects using this class. Resolves: #100778 Releases: main, 11.5 Change-Id: I41cbf38477fb6743e5039dd9905ed38be81e96fc Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78915 Reviewed-by:
Christian Kuhn <lolli@schwarzbu.ch> Tested-by:
-
- Apr 27, 2023
-
-
Oliver Bartsch authored
Resolves: #100770 Releases: main, 11.5 Change-Id: I549371e78de399195d6810858d337528f39ce0ad Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78892 Tested-by:
-
Andreas Fernandez authored
The list of ids generated by `getSearchableWebmounts()` may contain duplicated values being passed into an `IN()` criteria, causing additional load to the database server. The values are now de-duplicated by applying `array_unique()` onto the list before passing the list around. Resolves: #100750 Releases: main, 11.5 Change-Id: Ib49bf1a5903cca2fbaa12ea240050caa7908f69c Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78874 Tested-by:
Andreas Fernandez <a.fernandez@scripting-base.de> Reviewed-by:
-
- Apr 25, 2023
-
-
Daniel Siepmann authored
Resolves: #100742 Releases: main, 11.5 Change-Id: Ibff1f2da48192a23d3fe6e5404c95f3b7e6c8ae8 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78852 Reviewed-by:
-
- Apr 24, 2023
-
-
Benni Mack authored
With #100720 the AbstractExceptionHandlers const IGNORED_EXCEPTION_CODES was set from private to public in order to allow to use it in subclasses. However, public is making this a full public API, which should be within the ExceptionHandler logic in general. For this reason, the constant is now changed from public to protected. Resolves: #100736 Relates: #100720 Releases: main, 11.5 Change-Id: I58427977c2217792ae854738f59527bdb2e8339e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78736 Tested-by:
-
Markus Klein authored
Body content generation may be triggered by calling some getter or indirectly when the mail is sent (via `ensureValidity`). This changes ensures that multiple tries to generate the body are only executed if the state of the view has actually changed. This enables extensions to manipulate the content of an e-mail via events without getting their changes overridden again when the mail is sent. Resolves: #99944 Releases: main, 11.5 Change-Id: I5eced5710feeb66e6f1e32f10f710d388bc43a62 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78251 Tested-by:
Markus Klein <markus.klein@typo3.org> Tested-by:
-
Thomas Hohn authored
The variable $row['url_response']['errorParams'] should always contain a value. Either the actual error message array or an empty array to avoid a PHP 8 warning. The corresponding getErrorMessage methods now have a guard clause to check if the array is empty to avoid further propagated warnings. In TYPO3 v13 that signature of the getErrorMessage should be changed to be array. The array $errorParams is always initialized to an empty array instead of null. IN TYPO3 v13 the default value of $errorParams should be [] instead of null. Resolves: #99988 Releases: main, 11.5 Change-Id: I0f7e10f45e0f5ec7e80b79d705b38fda9a3f1410 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78812 Tested-by:
-
Christoph Lehmann authored
This makes AbstractExceptionHandler::IGNORED_EXCEPTION_CODES public accessible in order to re-use it in custom error handlers. Resolves: #100720 Releases: main, 11.5 Change-Id: Id9217d3bbf3b66982adceb485918e52bb5cddd56 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78735 Tested-by:
-
Christoph Lehmann authored
Illegal requests should not fill log files. The Exception is thrown in \TYPO3\CMS\Core\Http\Request::validateMethod() Resolves: #100718 Releases: main, 11.5 Change-Id: I202fba9e76ac00ab11e02dc401633b383b0048b6 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78734 Reviewed-by:
-
Torben Hansen authored
The redirect evaluation is currently always processed no matter if a `redirectMode` based on the referer is configured or not. Also, given referers are checked for validity using `RedirectUrlValidator`, which logs a message in the TYPO3 log with the log level `warning` if the given URL is considered as invalid. This patch adds a check to the referer evaluation, so it is only processed, if a redirect mode supporting the referer is active. Additionally, the log level for invalid redirect URLs in `RedirectUrlValidator` is changed to `debug`, since a warning is not appropriate for invalid redirect URLs. Resolves: #100197 Releases: main, 11.5 Signed-off-by:
Torben Hansen <derhansen@gmail.com> Change-Id: I10d1723de131e0387f7dd2103c8a1ca21ed015e5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78733 Reviewed-by:
-
- Apr 22, 2023
-
-
Oliver Hader authored
Prior to #93240 URL routes were reverse sorted using the corresponding site identifier (which did not contain any URL information). For the scenario of matching undefined URLs (e.g. base URL is "/website/", but request was like "https://example.org/"), the first item of a reverse sorted list was used. Resolves: #99149 Related: #93240 Releases: main, 11.5 Change-Id: Ia242591cebfba7d8221494a5d214f6dca75a00fc Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78794 Tested-by:
-
- Apr 21, 2023
-
-
Markus Klein authored
Remove any modification done to Context by the RedirectHandler/RedirectService in order to have a proper rendering of FE in case no valid redirect is found (circular). Resolves: #100654 Releases: main, 11.5 Change-Id: I7fb0c1ac9619d7599151e57cbcacc916deee41c5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78722 Tested-by:
-
Markus Klein authored
Whenever a scheduler task fails during execution via CLI `scheduler:run`, the error message is now always written to stderr. This gives the task executor (e.g. cron) a chance to identify any failures, if even stdout is redirected to /dev/null. The task-loop is adapted to avoid (ab)using exceptions for control-flow (for loop-abortion). It instead now uses nullables to signal that not finding a next-task is expected behavior, not an exception. Also the exit code of the command is adapted to switch to 1 in case at least one error occured. (This is important in case the cronjob is executed as systemd-timer) Resolves: #87806 Releases: main, 11.5 Change-Id: I0b55bab7fcd916209114d9e3e07f54c7243ce9a5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78220 Tested-by:
Benjamin Franzke <benjaminfranzke@gmail.com> Reviewed-by:
-
- Apr 20, 2023
-
-
Andreas Fernandez authored
The dimensions available in `CropperEvent` are fractions in some cases, that probably happens when an image gets upscaled. This causes issues as those dimensions are apparently adjusted downward in the cropper library, resulting in dimension reduced by 1px. To solve this issue, `Math.ceil()` is applied to round up incoming dimensions. Resolves: #96722 Releases: main, 11.5 Change-Id: I537bccd32a634805a37957bea59ec51e5e856272 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78769 Reviewed-by:
-
- Apr 18, 2023
-
-
Oliver Bartsch authored
In case an export is created based on e.g. an invalid preset, no PHP TypeError should occur. This is now fixed by properly typecasting the input data. Additionally, two possible undefined array key access warnings are fixed. Resolves: #97403 Releases: main, 11.5 Change-Id: I994391909b44247879099ce92d61911c56ca7e39 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78732 Reviewed-by:
-
Markus Klein authored
Extbase does not ask the database anymore for relations, where the uid in the database field is zero. This prevents SQL queries with where-parts like `uid IN (0)`. Since this is done when reconstituting models from the database, depending on the amount of relations of a model, the number of saved queries is huge. Resolves: #99505 Releases: main, 11.5 Change-Id: If3b6c2756674eeb43a66b59a13e44011c9845cd5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77582 Tested-by:
Stephan Großberndt <stephan.grossberndt@typo3.org> Tested-by:
-
- Apr 17, 2023
-
-
Oliver Bartsch authored
Used command(s): > Build/Scripts/runTests.sh -s phpstanGenerateBaseline Resolves: #100565 Releases: 11.5 Change-Id: I11d1680ec707e7c93d8dcbfcf558d840094a1a65 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78692 Reviewed-by:
Sybille Peters <sypets@gmx.de> Tested-by:
-
Chris Müller authored
Additionally, remove outdated manuals from list in Settings.cfg. Resolves: #100641 Releases: main, 11.5 Change-Id: Idc09d4da5a0131ae9d4554790d6f782a87d8da5a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78577 Tested-by:
-
Albrecht Köhnlein authored
Set the variable `$linkParts['tableName']` even if the currently linked record could not be found. The variable is required in later step to show information, which also should be present for deleted records. Resolves: #100611 Releases: main, 11.5 Change-Id: I3f5d1e53d8c6889c8907af5ff56c76eb74efa5fc Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78680 Tested-by:
Albrecht Köhnlein <ak@koehnlein.eu> Reviewed-by:
Jörg Bösche <typo3@joergboesche.de> Tested-by:
-
Benni Mack authored
Resolves: #98985 Releases: main, 11.5 Change-Id: Id886584f8fa57b30f54257d79a6eca4465906a86 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78576 Reviewed-by:
-
- Apr 16, 2023
-
-
Albrecht Koehnlein authored
The HTML parser failed to correctly detect single tags with closing `/` and without white space, e.g. `<br/>`. The old tag name detection only splitted the tag content by white spaces, which is not enough to correctly find these valid tags. So the new way is to also remove trailing slashes from the tag name. Resolves: #96347 Related: #96307 Releases: main, 11.5 Change-Id: I3acefcbf046600bf118764b873f15b2a1678932d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78575 Tested-by:
-
Albrecht Köhnlein authored
Set the array index `$linkDetails['typoLinkParameter']` in `\TYPO3\CMS\Redirects\Service\RedirectService` to pass it through. That information is needed for the LinkBuilder. For example, `DatabaseRecordLinkBuilder` would trigger an array key access error, in case the linked record cannot be found and no link can be generated. This array value is use there for the thrown exception message. The team play between `LinkService->resolve()` and the `LinkBuilder->build()` should be reviewed in a dedicated change. It may be useful, that the resolver directly adds this information to the result, making the manual adding at several placed through out the core obsolete. Comments are added to document this. Resolves: #100612 Releases: main, 11.5 Change-Id: I74cbf5cbb1b91e0045207873554aec4477986c4b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78672 Tested-by:
-
- Apr 15, 2023
-
-
Stefan Bürk authored
External "enshrined/svg-sanitize" package uses `libxml_use_internal_errors()`, but fails to clear errors using libxml_clear_errors(). This can lead to side effects with subsequest libxml usages. An upstream patch to fix this is pending, but it needs to be merged and released. In the meantime, we mitigate the issue in our wrapper class. See: https://github.com/darylldoyle/svg-sanitizer/pull/90 Resolves: #100607 Releases: main, 11.5 Change-Id: I911119b498a4dda8312c5ca940b5fdf6410a1a87 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/78648 Tested-by:
-
