Project

General

Profile

Actions

Bug #103078

open

Extbase form sent via get always leads to chash error

Added by Nicole Zingg 2 months ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
Extbase
Target version:
-
Start date:
2024-02-07
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
12
PHP Version:
8.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

If I create a form with method="get" in a simple extbase extension, every form submit leads to a chash error and thus a 404 response.

Steps to reproduce the problem
1. check that the following configuration options are enabled (default settings): [FE][cacheHash][enforceValidation] = true and [FE][pageNotFoundOnCHashError] = true
2. in a simple extbase extension: create a form with the f:form viewhelper (the form must not even contain a field)
3. configure the form to be sent via get method
4. submit the form

Actual results
404 Error (because no chash is generated)

Expected results
the response of my extbase action

Additional notes
As I understand it, the get parameters of a form could be excluded from the chash calculation via ['FE']['cHashExcludedParameters']. But for the form to work __referrer and __trustedProperties would also need to be excluded. Is that how it's intended to be? If yes, does that mean the get method can only be used if either enforceValidation or pageNotFoundOnCHashError are set to false, or all the parameters are excluded from the chash calculation?

About the use case: a list should be filtered. We use a form for the filter options because there are multiple filters with multiple checkboxes. The form is sent via GET so the filter parameters can be added in pagination links via addQueryString. The thing with pagination could probably also be solved somehow if the form is sent via POST, but I don't really see a way any extbase GET-form would work with the standard settings.

No data to display

Actions

Also available in: Atom PDF