Bug #42890

Regression: Javascript error in Backend (jumpToUrl)

Added by Ernesto Baschny over 8 years ago. Updated over 8 years ago.

Must have
Backend User Interface
Target version:
Start date:
Due date:
% Done:


Estimated time:
TYPO3 Version:
PHP Version:
Is Regression:
Sprint Focus:


All checkboxes in the Backend that contain a "onclick" pointing to "jumpToUrl" seem to be broken in the latest release of TYPO3. The Javascript pops up an error:

Uncaught ReferenceError: Invalid left-hand side in assignment

To test, go to the list module and try to select "Extended View" or "Localization View" from the options beneath the list.

Or in Extension Manager (the old-old one), try to select "Display shy extensions"

Tested on 4.5.x, but should affect also the latest security releases of the other branches as well.

Related issues

Is duplicate of TYPO3 Core - Bug #42812: Most checkboxes (like Extended View) are not working due to javascript bugClosed2012-11-09


Updated by Ernesto Baschny over 8 years ago

Through git bisect (I love it...) I could isolate this commit as the "bad one":

commit a768d97c4c93197563bbc148ff0ed1baacc0d0d3
Author: Helmut Hummel <helmut.hummel@typo3.org>
Date:   Thu Nov 8 12:43:50 2012 +0100

    [SECURITY] Fix potential XSS in t3lib_BEfunc::getFuncCheck

    The method getFuncCheck creates an URL from input variables and puts
    it in JavaScript context without properly encoding them.

    This might lead to XSS if the input variables come from untrusted source.

    Fixes: #42776
    Releases: 6.0, 4.7, 4.6, 4.5

Updated by Ernesto Baschny over 8 years ago

  • Status changed from Accepted to Rejected

Sorry, this has been reported (and even fixed already) :) Thanks for your time...

Also available in: Atom PDF