- Mar 21, 2018
-
-
Oliver Hader authored
This reverts commit 1bd63f45. This change caused a regression which basically affected users of Mozilla Firefox - details are described in issue #84503. Besides that the initial bug report address the frontend part, changing backend login behavior was not required in order for the bug fix. Releases: master, 8.7, 7.6 Resolves: #84503 Reverts: #76120 Change-Id: I45fe6086afa48eed71be635e8cf4a1f3fa138ab2 Reviewed-on: https://review.typo3.org/56396 Tested-by:
TYPO3com <no-reply@typo3.com> Reviewed-by:
Oliver Hader <oliver.hader@typo3.org> Tested-by:
Susanne Moog <susanne.moog@typo3.org> Tested-by:
-
- Mar 13, 2018
-
-
Nicole Cordes authored
This patch adds the name and value of the first submit button found in a form to the input field used to send the form. RsaEncryptionWithLib.min.js created with: ../../../../../../Build/node_modules/uglify-js/bin/uglifyjs \ RsaLibrary.js RsaEncryption.js > RsaEncryptionWithLib.min.js Resolves: #76120 Releases: master, 8.7, 7.6 Change-Id: I3f0fdc7e933267689114d5bcf62d3fcfe2db5146 Reviewed-on: https://review.typo3.org/56104 Reviewed-by:
Stefan Neufeind <typo3.neufeind@speedpartner.de> Tested-by:
Andreas Fernandez <a.fernandez@scripting-base.de> Tested-by:
-
- Oct 31, 2016
-
-
Frank Naegler authored
This patch removes the hard dependency to RsaEncryptionModule and adds a check if the module can be loaded. It on the go adds a hardening to the RsaEncryptionModule to avoid registration of form event handlers twice, which is now needed to cover all potential loading orders of RsaEncryptionModule and LoginRefresh. Resolves: #78299 Related: #75911 Releases: master, 7.6 Change-Id: Ie03f1c7bc34e48f03213dec70c62d8ccc339ab31 Reviewed-on: https://review.typo3.org/50239 Tested-by:
Christian Kuhn <lolli@schwarzbu.ch> Tested-by:
-
- Aug 29, 2016
-
-
Helmut Hummel authored
The RsaEncryption and the LoginRefresh module are loaded independently by requireJS, which means they are loaded asynchronous. This means that either one of those modules is initialized first. However the RsaEncryption module scans the DOM for form elements and the LoginRefresh inserts a form. This means if the RsaEncryption is initialized first, then the form created by LoginRefresh will not be intercepted, leading to the (heisen-)bug described. This change enforces the loading order by adding the RsaEncryption as dependency to LoginRefresh and registering the form manually, to make sure it will be intercepted and passwords will transmitted encrypted. Resolves: #75911 Releases: 7.6, master Change-Id: Ib4aba70b3545f163a16a4eee62bed9e5a48b2fe7 Reviewed-on: https://review.typo3.org/49478 Tested-by:
Bamboo TYPO3com <info@typo3.com> Reviewed-by:
Andreas Fernandez <typo3@scripting-base.de> Tested-by:
-
- Oct 23, 2015
-
-
Frank Nägler authored
Resolves: #70966 Releases: master Change-Id: Ic78753be0facd860e5ab30ce6d7340e040dee59c Reviewed-on: https://review.typo3.org/44170 Reviewed-by:
Wouter Wolters <typo3@wouterwolters.nl> Tested-by:
-
- Oct 15, 2015
-
-
Markus Klein authored
Also remove useless closures and public exposure of modules, which are not used via the TYPO3 global. Moreover use single quotes for 'use strict' consistently. Resolves: #70601 Releases: master Change-Id: If7183f91a5b9fab320cea8eb1759e78b47141984 Reviewed-on: http://review.typo3.org/43999 Reviewed-by:
Daniel Goerz <ervaude@gmail.com> Tested-by:
-
- Oct 12, 2015
-
-
Frank Nägler authored
The namespace and name of an AMD module is not needed. The resolving of names works without the defined name of a module and should be removed to anonymize the modules. Resolves: #70607 Releases: master Change-Id: I9e1a81d30de7764ffbccf0b0985b55ed5b6cb96d Reviewed-on: http://review.typo3.org/44002 Reviewed-by:
Markus Klein <markus.klein@typo3.org> Tested-by:
-
- Oct 05, 2015
-
-
Benjamin Mack authored
The AjaxRequestHandler now first checks in the Router if an AJAX route exists. A new flag "ajax" in the routing mechanism allows to call ajax-based URLs which are then handed to the AJAX Request Handler. All controllers now receive proper Request and Response objects. All previous logic still works, but can slowly be migrated to the Routing concept. Resolves: #69916 Releases: master Change-Id: I1e67d5a341a4dd2769247531246c9e1fad900c76 Reviewed-on: http://review.typo3.org/43365 Reviewed-by:
Benni Mack <benni@typo3.org> Tested-by:
-
- Sep 12, 2015
-
-
Andreas Fernandez authored
Stores the original submit handler, remove it from the form element and add it back only at a later point, when the RSA module wants to submit the form. This prevents Chrome to submit a form twice if it contains a RSA password protected field. Resolves: #69713 Releases: master Change-Id: I085b68dfeb901be960096e3d570da097adf0327b Reviewed-on: http://review.typo3.org/43239 Reviewed-by:
Stephan Großberndt <stephan@grossberndt.de> Tested-by:
Nicole Cordes <typo3@cordes.co> Tested-by:
Mathias Brodala <mbrodala@pagemachine.de>
-
- Aug 07, 2015
-
-
Nicole Cordes authored
This patch adds rsa encryption to password fields. It introduces an own rsaInput render type which turns fields into true password fields and removes JavaScript default value '********'. Furthermore the rsa Api is adjusted to handle the incoming data correctly. Releases: master Resolves: #68166 Change-Id: I4eb8186f77e5b9215310f65d606bc49c71b19880 Reviewed-on: http://review.typo3.org/41286 Reviewed-by:
-
- Jul 14, 2015
-
-
Nicole Cordes authored
This patch introduces new API which eases the use of RSA encryption across the core and for third party extensions. For backend encryption a new RequireJS module is included which finds fields to encrypt automatically by their data attribute. For frontend encryption the JavaScript was rewritten to work the same way the RequireJS module works but with plain (vanilla) JavaScript. Releases: master Resolves: #67932 Resolves: #34568 Change-Id: Id35dd65d1019a8c16858f03989ff48e3434698e4 Reviewed-on: http://review.typo3.org/40938 Reviewed-by:
Georg Ringer <georg.ringer@gmail.com> Tested-by:
-
