Bug #28352
closedtslib_cObj->typolink generate a cHash even if not needed
100%
Description
The typolink function generate a cHash if there's some "additionalParams".
In most case that's not a problem, but if every additional parameter is filtered out in t3lib_div::cHashParams (with hooks, for instance), a cHash is still generated (as typolink will always hash the return t3lib_div::cHashParams' value)
As cHash validity is still not checked if no cHash was given (which is another bug), fixing only typolink function could be enougth to solve this little bug.
If needed, I can provide patche(s).
BTW, the generated cHash will be (one of the) valid for every url without get parameters (as queryString is "exploded" instead of "trimExploded", that kind of urls can have 2 different cHashes, depending on the presence of a "core parameter").
A malicius user could exploit this issue to get those 2 différents cHashes and "triple cache" every page on a typo3 instance, resulting in a (light) cache flooding.