Bug #33667
closed
ad link composition with Typo3 reverse proxy and ssl (https)
80%
Description
The function viewOnClick($pageId, $rootLine = NULL) in typo3_src/t3lib/class.t3lib_befunc.php returns a bad link if in Typo3 is configured a reverse proxy with ssl for the backend.
Configuration¶
- system: Typo3 4.5.3
- backend: reverseProxy and HTTPS
- frontend: no reverseProxy and only HTTP
This Typo3 config is given:¶
[SYS][reverseProxyIP] = 00.00.00.00 my IP [SYS][reverseProxyHeaderMultiValue] = first SYS][reverseProxyPrefix] = [SYS][reverseProxySSL] = * [SYS][reverseProxyPrefixSSL] = /mydomain.com [BE][lockSSL] = 1
Scenario¶
If one uses this code for a backend extension:
<a href="#" onClick="'.t3lib_BEfunc::viewOnClick($row['uid'],$BACK_PATH,t3lib_BEfunc::BEgetRootLine($row['uid']),'','',$this->implodedParams['plainParams']).'">
Problem¶
The URL composed by the function t3lib_BEfunc::viewOnClick(...) is:
https://mydomain.com/... [^]
INSTEAD OF
https://reverse-proxy.com/mydomain.com/... [^]
Solution (alpha)¶
I have check the Typo3 typo3_src/t3lib/class.t3lib_befunc.php code on
line 2908:
$viewDomain = self::getViewDomain($pageUid, $rootLine);
line 2936-2937:
$protocol = t3lib_div::getIndpEnv('TYPO3_SSL') ? 'https://' [^] : 'http://'; [^]
$domain = $protocol . self::firstDomainRecord($rootLine);
and found that Typo3 don't respect the reverse proxy and ssl config. In other words, it respects the ssl config and adds the https protocol right but don't adds the reverse proxy in the link.
I have add this code after line 2937 to solve the problem:
if (!($_SERVER['HTTP_X_FORWARDED_HOST'] == '' || $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'] == '')) {
$host = t3lib_div::trimExplode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
if (count($host)) {
switch ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue']) {
case 'last':
$host = array_pop($host);
break;
case 'first':
$host = array_shift($host);
break;
case 'none':
default:
$host = '';
break;
}
}
$domain = $protocol . $_SERVER['HTTP_X_FORWARDED_HOST'] . $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefixSSL'];
}
Other¶
With reverseProxy, SSL configured in Typo3 and without this bug repair, many links generated with t3lib_BEfunc::viewOnClick in extensions (direct_mail) or Typo3 core are broken.
Typo3 backend API broken link example:
On the backend, if I select a page in the pagetree and then make a right click and click on page preview the html contains the bad https url without the reverse proxy information.
What about if one uses reverseProxy and/or SSL (https) in frontend and backend? Do we have to introduce a new Typo3 config variable like [SYS][reverseProxySSLLocation] that can be 1 (only backend), 2 (backend and frontend),...
Updated by Alexander Opitz over 9 years ago
- Status changed from New to Needs Feedback
- Is Regression set to No
Hi,
does the problem still exists within newer versions of TYPO3 CMS (6.2.9)?
Updated by Alexander Opitz almost 9 years ago
- Status changed from Needs Feedback to Closed
No feedback within the last 90 days => closing this issue.
If you think that this is the wrong decision or experience this issue again, then please write to the mailing list typo3.teams.bugs with issue number and an explanation or open a new ticket and add a relation to this ticket number.