Bug #24165
closed
Hidden file ./typo3_src_svn/typo3/contrib/codemirror/contrib/python/css/._pythoncolors.css causes failures
0%
Description
The file ./typo3_src_svn/typo3/contrib/codemirror/contrib/python/css/._pythoncolors.css
get process by the compressor/merger and causes failures on MaCOS X
I made it private as it seems to be a bug in compressor to include hidden files.
(issue imported from #M16515)
Updated by Björn Pedersen almost 14 years ago
related to http://bugs.typo3.org/view.php?id=16533
Updated by Steffen Gebert almost 14 years ago
I don't know, how t3editor adds the CSS of its plugin files.
template.php adds the files from stylesheet directories (in function addStyleSheetDirectory()) using t3lib_div::getFilesInDir($resolvedPath, 'css', FALSE, 1);
The hidden files have been removed from SVN some days ago (was only in trunk)
Updated by Helmut Hummel almost 14 years ago
Björn, can you explain, why you see a problem in this behaviour of template.php?
An attacker could only take advantage of this if he or she could upload files in this directory.
I tend to close this case.
Updated by Björn Pedersen almost 14 years ago
The main problem would be information disclosure.
But you are right, that it is not a really critical bug.
Updated by Helmut Hummel almost 14 years ago
It would only disclose files which are present in the TYPO3 directories anyways. I close this one now...
Updated by Steffen Gebert almost 14 years ago
Comment by Ronald Renfro:
I found some info on how to avoid the creation of such files on the client and added this to
my .bash_profile
export COPYFILE_DISABLE=true