TYPO3 Forge: Issueshttp://forge.typo3.org/http://forge.typo3.org/themes/typo3_forge/favicon/favicon.png?17058661692024-03-14T17:36:06ZTYPO3 Forge
Redmine TYPO3 Core - Bug #103400 (Under Review): Avoid mapping route values that are out of scopehttp://forge.typo3.org/issues/1034002024-03-14T17:36:06ZOliver Haderoliver.hader@typo3.orgTYPO3 Core - Bug #101460 (Resolved): Allow strict-dynamic only for applicable CSP directiveshttp://forge.typo3.org/issues/1014602023-07-27T10:56:06ZOliver Haderoliver.hader@typo3.orgTYPO3 Core - Bug #87123 (Closed): Adjust modal window processing and RequireJS loadinghttp://forge.typo3.org/issues/871232018-12-11T12:46:19ZOliver Haderoliver.hader@typo3.orgTYPO3 Core - Bug #85526 (Closed): Avoid using undefined constant PASSWORD_ARGON2Ihttp://forge.typo3.org/issues/855262018-07-09T22:32:12ZOliver Haderoliver.hader@typo3.org
<pre>
#1476107295: PHP Warning: Use of undefined constant PASSWORD_ARGON2I - assumed 'PASSWORD_ARGON2I' (this will throw an Error in a future version of PHP) in typo3/sysext/saltedpasswords/Classes/Salt/Argon2iSalt.php line 122</pre>
<p>When editing password of (different) backend user in form view.</p> TYPO3 Core - Bug #30095 (Closed): Arbitrary TypoScript execution on system extension formhttp://forge.typo3.org/issues/300952011-09-20T17:37:34ZOliver Haderoliver.hader@typo3.org
<p>The new system extension form can be used to render custom FORM elements as well as regular cObjects like TEXT or COA.<br />Since the form wizard can be used by any editor in the backend and writes data to the field bodytext, this can also be used to execute arbitrary TypoScript without further access checks.</p>
<p>This change introduces two defined and allowed content elements "header" and "textblock" that can be defined by using the form wizard. If the TypoScript that was generated by the mentioned wizard is rendered, regular cObjects are disabled. If the FORM or FORM_INT cObject is used directly from a TypoScript template, all possible cObjects can still be used.</p>
<p><img src="http://forge.typo3.org/attachments/download/18789/form_wizard.png" title="Content Elements header and text block" alt="Content Elements header and text block" loading="lazy" /></p> TYPO3 Core - Bug #28589 (Closed): Autoloader Cache is not updatedhttp://forge.typo3.org/issues/285892011-07-30T15:40:24ZOliver Haderoliver.hader@typo3.org
<p>The autoload registry contents are stored in a separated PHP level caching in TYPO3 4.6.<br />There are already several mechanisms to flush the cache, e.g. on installing a new extension.</p>
<p>However, during development (and also maybe during TYPO3 Source Updates) new classes in the registry files are not considered.</p>
Now, there are several ways to solve that:
<ul>
<li>if we rely on the extension manager to flush the cache on updates, we just would need the cacheIdentifier contain e.g. the TYPO3 version number</li>
<li>if that does not help, we need a way to find out whether a registry file was modified (e.g. MD5 hash of that file)</li>
<li>if that all does not help or is too expensive, we could use a lifetime for those caches (of course does not help during development and patch reviewing)</li>
</ul> TYPO3 Core - Bug #22002 (Closed): Add unit test concerning XML parsing of unwrapped entitieshttp://forge.typo3.org/issues/220022010-01-21T15:12:45ZOliver Haderoliver.hader@typo3.org
<p>Imagine a XML value like the following:<br />index.php?&id=13</p>
<p>Several PHP/libxml versions do not parse entities like "&amp;" anymore, thus this part has to be wrapped in a CDATA block. A setting in the install tool automatically adds this block for flexforms - $TYPO3_CONF_VARS['BE']['flexformForceCDATA'].</p>
<p>However, this unit test checks whether the used PHP version requires the CDATA setting.</p>
<p>(issue imported from #M13317)</p> TYPO3 Core - Bug #21206 (Closed): Add more unit tests for t3lib_matchConditionhttp://forge.typo3.org/issues/212062009-10-08T16:12:05ZOliver Haderoliver.hader@typo3.org
Extend the number of unit tests in t3lib_matchCondition for the expressions:
<ul>
<li>language</li>
<li>usergroup</li>
<li>loginUser</li>
<li>globalString</li>
<li>treeLevel</li>
<li>PIDupinRootline</li>
<li>PIDinRootline</li>
<li>compatVersion</li>
<li>generic tests to access the namespaces GP, TSFE, ENV, IENV</li>
</ul>
<p>(issue imported from #M12153)</p> TYPO3 Core - Bug #20973 (Closed): Add unit tests for t3lib_div::removeDotsFromTS()http://forge.typo3.org/issues/209732009-09-01T19:32:24ZOliver Haderoliver.hader@typo3.org
<p>t3lib_div::removeDotsFromTS() can convert TypoScript array to regular arrays by removing the the dot "." at the end of property nodes. The test cases shall help to test the correct behaviour concerning overriding of values.</p>
<p>Example TypoScript:<br />test {<br /> propertyA = 13<br /> propertyA.value = 123<br />}</p>
<p>On removing the dot of propertyA there will be a conflict - however the last setting overrides the first one.</p>
<p>(issue imported from #M11846)</p> TYPO3 Core - Bug #20572 (Closed): Autoloader floads sysLog with XCLASS failureshttp://forge.typo3.org/issues/205722009-06-05T11:01:00ZOliver Haderoliver.hader@typo3.org
<p>In the sysLog many entries like this appear with using the autoloader:<br />04-06-09 17:20 - Core: Unable to autoload class "ux_t3lib_matchCondition"</p>
<p>The reason are the class_exists('ux_' ...) calls in t3lib_div.</p>
<p>(issue imported from #M11272)</p> TYPO3 Core - Bug #20322 (Closed): Add possibility to use username and get located to OpenID provi...http://forge.typo3.org/issues/203222009-04-18T02:22:34ZOliver Haderoliver.hader@typo3.org
<p>Add possibility to use username and get located to OpenID provider if an OpenID was provided.</p>
<p>(issue imported from #M10924)</p> TYPO3 Core - Bug #20148 (Closed): Backend admin cannot perform file operations in filelisthttp://forge.typo3.org/issues/201482009-03-09T10:23:50ZOliver Haderoliver.hader@typo3.org
<p>Each user (also admin users) in the backend can be defined with specific fileoperation permissions. If an admin user has no permissions here he's not allowed to e.g. create a new directory in the filelist module (fileadmin).<br />However, an admin is allowed to change its permissions in the be_users table. Thus, there should not be a check in the filelist module against the mentioned fileoperation permissions for admin users.</p>
<p>(issue imported from #M10642)</p> TYPO3 Core - Bug #19841 (Closed): Backend not usable in Internet Explorer anymorehttp://forge.typo3.org/issues/198412009-01-16T17:33:13ZOliver Haderoliver.hader@typo3.org
<p>In Internet Explorer 7 the TYPO3 Backend is not usable anymore due to JavaScript errors. Clicking a module in the left navigation has no result.</p>
<p>This behaviour was introduced in Trunk rev. 4645 for issue <a class="issue tracker-2 status-5 priority-4 priority-default closed" title="Feature: Remove JS popup when login expired (Closed)" href="http://forge.typo3.org/issues/19152">#19152</a></p>
<p>(issue imported from #M10167)</p> TYPO3 Core - Bug #19559 (Closed): AdminPanel shows superfluous "Include file class.tx_whatever_pi...http://forge.typo3.org/issues/195592008-11-03T11:58:22ZOliver Haderoliver.hader@typo3.org
<p>The AdminPanel shows superfluous "Include file class.tx_whatever_pi1.php" messages even if the file was included before. That's not a real problem, since the file itself gets included by PHP's "include_once" and will be only loaded once. But the information in the AdminPanel can be improved.</p>
For USER_INT objects the flow is like the following:
<ul>
<li>cObj: push object information to $GLOBALS['TSFE']->config['INTincScript'] (with includeLibs configuration)</li>
<li>TSFE: post-process objects and load files of includeLibs configuration</li>
<li>TSFE: recall cObj->USER as "USER" object (not "USER_INT") anymore</li>
<li>cObj: includeLibs is found again and information of "File inclusions" is shown</li>
</ul>
<p>Solution:<br />a) remove includeLibs before passing again to cObj<br />b) track what files have been included before (but takes much longer)</p>
<p>(issue imported from #M9722)</p> TYPO3 Core - Bug #17981 (Closed): Add some more functionality to new AJAX interface in the TYPO3 ...http://forge.typo3.org/issues/179812008-01-11T11:58:59ZOliver Haderoliver.hader@typo3.org
This bug report concerns the following:
<ul>
<li>changing namespace of ajaxIds from e.g. "foldertree_ExpandCollapse" to "SC_alt_db_navframe::ExpandCollapse" </li>
<li>add TYPO3AJAX::setContent($content) to completely overwrite the data array</li>
<li>add the possibility to use a non-associative content array by addContent(null, 'whatever')</li>
<li>add the missing format types "jsonhead" and "jsonbody" </li>
<li>fix some phpdoc related things</li>
</ul>
<p>(issue imported from #M7124)</p>