Story #26376: TER
Mark versions insecure
It is possible to mark a version of an extension as insecure. Unfortunately the checkbox is not saved after hitting the button "Update".
I remember this is caused by an extbase bug. But we need to fix that before launch.
#3 Updated by Helmut Hummel over 5 years ago
The current implementation seems buggy. Kai fixed some things on the T3BORD but I don't know if that went into the SVN.
Additionally I wonder why extensions marked as insecure in the current TER, are still visible on preview:
We marked this extension insecure in february (see http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-003/) and the latest extension import seems to be from today, but t3extplorer is visible on preview.
#4 Updated by HDNET no-lastname-given over 5 years ago
- Status changed from New to Under Review
- Assignee changed from HDNET no-lastname-given to Tolleiv Nietsch
We added Review->update to the FlexForm switchableControllerActions in Revision 59862 to the terfe Branch ter_fe2. (http://forge.typo3.org/projects/extension-terfe/repository/revisions/59862)
In addition there need to be some RealURL changes. We have informed Tolleiv about this. After updating the Plugin must be saved with the new FlexForm settings.
#8 Updated by Helmut Hummel over 5 years ago
In fact it did not work until now. There still were problems with the TS configuration which I fixed in the SVN and on the live page now.
Besides that, it could not work because the login is forbidden on the TER FE pages, thus the review part never was shown.
Because of that I put the plugin on a protected page and enabled the login for that page.
Now it works, but is a bit inconvenient as realurl seems only to be configured for the original branch and the search somehow does not work.
We now have to figure out the correct parameters to show the extension we want.
To sum it up the original problem is solved, but I will open followup tickets to get the final things working.