Project

General

Profile

Actions

Bug #105717

open

columnsOnly parameter lost on record_edit after redirect

Added by Rafael Kähm 10 days ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
Link Handling & Redirect Handling
Target version:
Start date:
2024-11-27
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
12
PHP Version:
8.3
Tags:
Routing
Complexity:
Is Regression:
Sprint Focus:

Description

The columnsOnly parameter of SHAREABLE_URL-URIs to record_edit is removed after redirect(XSS/CSRF protection).

Most probably columnsOnly parameter was not taken into account on https://github.com/TYPO3/typo3/commit/fa51999203c5e5d913ecae5ea843ccb2b95fa33f

Suggested solution:

https://github.com/TYPO3/typo3/blob/9de9b6928993c1d752e1fc1b5f65160f8661f4ad/typo3/sysext/backend/Configuration/Backend/Routes.php#L258-L272

    /**
     * Main form rendering script
     * By sending certain parameters to this script you can bring up a form
     * which allows the user to edit the content of one or more database records.
     */
    'record_edit' => [
        'path' => '/record/edit',
        'target' => Controller\EditDocumentController::class . '::mainAction',
        'redirect' => [
            'enable' => true,
            'parameters' => [
                'edit' => true,
                'columnsOnly' => true,
            ],
        ],
    ],

No data to display

Actions

Also available in: Atom PDF