Project

General

Profile

Actions

Bug #100058

open

Upgrade issue from v10 to v11 in legacy install with TrustedHostPattern

Added by Julien Savard over 1 year ago. Updated over 1 year ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
Security
Target version:
Start date:
2023-03-01
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
11
PHP Version:
7.4
Tags:
Complexity:
Is Regression:
Sprint Focus:
Needs Decision

Description

Description :
At the end of the upgrade Wizard from v10 to v11 when everything is done it seems the TrustedHostPattern expect a new value.
TrustedHostPattern value was (in v10 before upgrade) :

'trustedHostsPattern' => 'smto-typo.acc.internal.tld|app.smto-typo.acc.internal.tld|lb.smto-typo.acc.internal.tld|rp.smto-typo.acc.internal.tld|www.qual.external.tld|www.acc.external.tld'

TrustedHostPattern expected in the "Whoops"

'trustedHostsPattern' => 'app.www.acc.internal.tld',

internal.tld and external.tld are "censored" placeholder of my real domains.

Step to reproduce :
- Having a typo3 v10 legacy install
- Untar typo3_src-11.5.24.tar.gz in /var/www/html
- Remove symlink /var/www/html/public/typo3_src ( target = ../typo3_src-10.4.36 )
- Create symlink /var/www/html/public/typo3_src ( target = ../typo3_src-11.5.24 )
- touch /var/www/html/public/ENABLE_INSTALL_TOOL
- chown apache:apache ENABLE_INSTALL_TOOL
- run upgrade Wizard
- Try to log into backend
- cry with a whoops

Workaround :
Add the new URL in the TrustedHostPattern variable

Actions

Also available in: Atom PDF