Project

General

Profile

Actions

Task #56268

closed

Epic #55070: Workpackages

Epic #55066: WP: Security enhancements

Story #55516: Reduce the number of backend script entry points

Add new way to register a TCA wizard

Added by Helmut Hummel about 10 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2014-02-25
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Wizards used to be registered by defining a script path
to an entry script for a wizard. Since we now aim to reduce
the entry scripts, wizards should be called through
mod.php and be registered accordingly.
However with the additional requirement of adding
CSRF protection for all mod.php calls, we cannot hard code
the script URLs for wizards any more. Instead BackendUtility::getModuleUrl
should be used, which adds the CSRF protection token.
Since this token is session dependend and TCA might be cached,
we need a new way to register a wizard by just specifying
the module name in TCA.

The FormRenderer should then take care to call BackendUtility::getModuleUrl

Actions #1

Updated by Gerrit Code Review about 10 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27841

Actions #2

Updated by Gerrit Code Review about 10 years ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27841

Actions #3

Updated by Gerrit Code Review about 10 years ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27841

Actions #4

Updated by Helmut Hummel about 10 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions #5

Updated by Benni Mack over 5 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF