Project

General

Profile

Actions

Bug #19464

closed

Return URL: Double Encoded characters cause server error

Added by Bernie Pfister about 16 years ago. Updated about 11 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2008-10-16
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.2
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

On our RedHat server, double encoded characters in the return url cause a server error 500.

The forward slash character / can be encoded like this: %2F (HEX encode)

But it can also be encoded like this: %252F (Double encode)

The latter is used in TYPO3 return urls, but causes the above server error. It works when using the HEX encoded characters.

URL like this doesn't work:
...&returnUrl=http%3A%2F%2F ... file_list.php?id=%252Fvar%252Fwww%252F...

This URL works:
...&returnUrl=http%3A%2F%2F ... file_list.php?id=%2Fvar%2Fwww%2F...

From what I was reading, there are security issues with this encoding method, which might be the reason that it's disabled on some servers.

(issue imported from #M9572)


Related issues 1 (0 open1 closed)

Has duplicate TYPO3 Core - Bug #17331: New Subcategory Returns Service UnavailableClosed2007-05-25

Actions
Actions #1

Updated by Christian Kuhn about 16 years ago

Please give a procedure on how to reproduce.

Actions #2

Updated by Bernie Pfister about 16 years ago

Christian, to reproduce:

Go to "Filelist"

  • This works **
    right click on folder and select "New"
  • this doesn't work**
    1) left click on a folder to see its content

2) right click on a different folder and select "New" (this will bring a server error)

This might not be the case for everyone, because I believe this is dependent on the server configuration.

However, from reading on Google there is a security issue with double encoded characters, so it might be a good idea to revisit this issue in future releases. Also, we should try to find out who and why double encoded characters were introduced in 4.2.

Actions #3

Updated by Christian Kuhn about 16 years ago

Confirmed.

A start to debug this is probably alt_clickmenu.php around function FILE_launch. I will not dig deeper into this issue, please do not expect a solution from me.

Actions #4

Updated by Alexander Opitz over 11 years ago

  • Status changed from New to Needs Feedback
  • Target version deleted (0)

The issue is very old, does this issue exists in newer versions of TYPO3 CMS (4.5 or 6.1)?

Actions #5

Updated by Alexander Opitz about 11 years ago

  • Status changed from Needs Feedback to Closed
  • Is Regression set to No

No feedback for over 90 days.

Actions

Also available in: Atom PDF