Bug #92762
closed
Accessing a restricted subpage of a sysfolder triggers a 404 instead of 403
100%
Description
On TYPO3 9, accessing a restricted subpage of a sysfolder triggered a 403.
On TYPO3 10, a 404 is triggered.
This is a regression introduced in https://review.typo3.org/c/Packages/TYPO3.CMS/+/58829
How to reproduce
With the following page tree:
Rootpage - page 1 (public, enabled) - sysfolder 3 (enabled) -- subpage 2 (restricted to authenticated users, enabled)
Without a frontend session, access the subpage 2 triggers a 404.
What should I see?
Without a frontend session, access the subpage B should trigger a 403.
Updated by Rémy DANIEL over 3 years ago
- Related to Task #92225: Add test previewing created hidden page & content in workspace added
Updated by Rémy DANIEL over 3 years ago
- Related to Bug #86346: Hidden pages sent 403 Header added
Updated by Benoit Chenu over 3 years ago
I think the issue was introduced here :
Related to this issue :
https://forge.typo3.org/issues/18079
If we remove the condition on DOKTYPE_SYSFOLDER, TYPO3 send a 403 as expected :
< if ($this->page['doktype'] PageRepository::DOKTYPE_SPACER || $this->page['doktype'] PageRepository::DOKTYPE_SYSFOLDER) {
> if ($this->page['doktype'] == PageRepository::DOKTYPE_SPACER) {
Updated by Benoit Chenu over 3 years ago
- Related to Bug #18079: slide of cObj CONTENT stops if sysfolder in rootline added
Updated by Markus Klein over 3 years ago
- Related to Feature #20933: Enable working with SysFolders in CONTENT added
Updated by
Updated by Gerrit Code Review almost 3 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/69306
Updated by Gerrit Code Review over 2 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/69306
Updated by Gerrit Code Review over 2 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/69306
Updated by Gerrit Code Review over 2 years ago
Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/69306
Updated by Gerrit Code Review over 2 years ago
Patch set 1 for branch 10.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71362
Updated by Benni Mack over 2 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 463597c18974c119cde27502a31b59c3f9fc4b67.
Updated by Gerrit Code Review over 2 years ago
- Status changed from Resolved to Under Review
Patch set 2 for branch 10.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71362
Updated by Gerrit Code Review over 2 years ago
Patch set 3 for branch 10.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71362
Updated by Benni Mack over 2 years ago
- Status changed from Under Review to Resolved
Applied in changeset 48fe2af632a7e8df27835dad36cbf61ea0d5e154.
Updated by Benni Mack about 2 years ago
- Related to Bug #93229: Page with access restriction throws 404 if parent is a folder added