Project

General

Profile

Actions

Bug #102619

closed

CKEditor: file_exists(): open_basedir restriction in effect. File(/_assets/.../Css/editor.css)

Added by Christian Ludwig 7 months ago. Updated 6 days ago.

Status:
Closed
Priority:
Should have
Category:
RTE (rtehtmlarea + ckeditor)
Target version:
-
Start date:
2023-12-06
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
12
PHP Version:
8.1
Tags:
ckeditor
Complexity:
Is Regression:
Sprint Focus:

Description

The sys log gets flooded by those errors when opening a content element that includes the CKEditor (v12.4.8)

Core: Error handler (BE): PHP Warning: file_exists(): open_basedir restriction in effect. File(/_assets/xyz/Css/editor.css) is not within the allowed path(s): (/var/www/vhosts/my-website/:/tmp/) in /var/www/vhosts/my-website/vendor/typo3/cms-core/Classes/Utility/GeneralUtility.php line 2162

The original css file is located in /var/www/vhosts/my-website/vendor/typo3/cms-rte-ckeditor/Resources/Public/Css/editor.css and "_assets/xyz" is the symlink to the CKEditor's public folder.

The file path is returned as part of the array of TYPO3\CMS\RteCKEditor\Form\Element\RichTextElement::render().

$resultArray['stylesheetFiles'][] = PathUtility::getPublicResourceWebPath('EXT:rte_ckeditor/Resources/Public/Css/editor.css');
Actions #1

Updated by Chris Müller 7 months ago

  • Status changed from New to Needs Feedback

What is your open_basedir configuration?

Actions #2

Updated by Christian Ludwig 7 months ago

It is /var/www/vhosts/my-website/:/tmp/, what is correct.
But the css is searched in /_assets/ what is wrong, it should be /var/www/vhosts/my-website/public/_assets/

Actions #3

Updated by Chris Müller 7 months ago

  • Status changed from Needs Feedback to New
Actions #4

Updated by Daniel Siepmann 7 months ago · Edited

  • Assignee set to Daniel Siepmann

We have the same issue. I'll provide a patch.

This can also be verified with default TYPO3 settings and networkpanel. TYPO3 would add the proper versioning to the URL if everything works as expected. That way one can test without needing to set up the restriction.

Actions #5

Updated by Gerrit Code Review 7 months ago

  • Status changed from New to Under Review

Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/82166

Actions #6

Updated by Gerrit Code Review 7 months ago

Patch set 1 for branch 12.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/82120

Actions #7

Updated by Daniel Siepmann 7 months ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions #8

Updated by Benni Mack 6 days ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF