Bug #62527

closed

Parameter type accepts non-integer values in shortcut redirect

Added by Christoph Gerold about 10 years ago. Updated about 6 years ago.

Status: Closed
Priority: Should have
Assignee: -
Category: -
Target version: -
Start date: 2014-10-29
% Done: 100%
TYPO3 Version: 6.2
Is Regression: No

Description

Test / Replication
  1. Add a TYPO3 page of type shortcut
  2. Call the page in the frontend with the additional parameter type
    • best effect can be seen if the value of the parameter is a domain
      http://www.domain.tld/index.php?type=www.typo3.org
      
  3. See the browser redirect

Cause
The responsible function is checkPageForShortcutRedirect() located in typo3_src/typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php:3152.

So what's happening behind the scenes:
  1. The function reads the unique id of the current page (i.e. $parameter = 1)
    $parameter = $this->page['uid'];
    
  2. It reads the value of the GET-Parameter type (i.e. $type=www.typo3.org)
    $type = GeneralUtility::_GET('type');
    
  3. The value of the parameter is concatenated with the value of the type (results in $parameter = 1,www.typo3.org)
    if ($type) {
        $parameter .= ',' . $type;
    }
    
  4. TYPO3 builds a link with the given parameter (results in $redirectUrl = http://1,www.typo3.org)
    $redirectUrl = $cObj->typoLink_URL(array('parameter' => $parameter));
    
  5. Finally TYPO3 redirects to the URL http://1,www.typo3.org
    HttpUtility::redirect($redirectUrl, HttpUtility::HTTP_STATUS_307);
    

What's next

In my opinion there are two possible fixes for that:
  1. add an intval() (as TSref says typeNum should be of type integer)
    • if, then maybe already at an earlier point typo3/sysext/cms/tslib/index_ts.php:76
      intval(\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('type'))
      
  2. don't concatenate parameter and type if it is not an integer
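
As an added example (not TYPO3's own code and not part of the report), the following PHP models the parameter building described in the Cause section and puts both proposed fixes beside it. The function names, the toy typoLink stand-in, the page uid 1 and the sample `type` values are constructed for the demonstration; only the concatenation logic mirrors what the report quotes.

```php
<?php
// Added example: models the shortcut-redirect parameter building from the
// report and both proposed fixes. All names and sample values are constructed.

/**
 * Reported behaviour: the page uid is concatenated with the raw "type" GET
 * value, so a non-integer type ends up inside the link parameter.
 */
function buildShortcutParameterUnchecked(int $pageUid, ?string $type): string
{
    $parameter = (string)$pageUid;
    if ($type) {
        $parameter .= ',' . $type;
    }
    return $parameter;
}

/**
 * Proposal 1 from the report: cast type to an integer (TSref says typeNum is
 * an integer). "www.typo3.org" becomes 0 and is dropped; "12abc" becomes 12.
 */
function buildShortcutParameterIntval(int $pageUid, ?string $type): string
{
    $parameter = (string)$pageUid;
    $typeNum = intval($type);
    if ($typeNum) {
        $parameter .= ',' . $typeNum;
    }
    return $parameter;
}

/**
 * Proposal 2 from the report: only append the type when the value is a pure
 * positive integer; anything else is ignored rather than coerced.
 */
function buildShortcutParameterStrict(int $pageUid, ?string $type): string
{
    $parameter = (string)$pageUid;
    if (is_string($type) && ctype_digit($type) && (int)$type > 0) {
        $parameter .= ',' . (int)$type;
    }
    return $parameter;
}

/**
 * Toy stand-in for typoLink_URL() (assumed behaviour for this demo, not the
 * real implementation): "id" and "id,type" become internal links, anything
 * else is treated as an external target, which is how "1,www.typo3.org"
 * turned into http://1,www.typo3.org in the report.
 */
function toyTypoLinkUrl(string $parameter): string
{
    if (ctype_digit($parameter)) {
        return '/index.php?id=' . $parameter;
    }
    if (preg_match('/^\d+,\d+$/', $parameter)) {
        [$id, $type] = explode(',', $parameter);
        return '/index.php?id=' . $id . '&type=' . $type;
    }
    return 'http://' . $parameter;
}

// Constructed inputs: page uid 1 and a few values a client could send as ?type=
$pageUid = 1;
$samples = ['www.typo3.org', '12abc', '3', '', null];

foreach ($samples as $type) {
    $unchecked = buildShortcutParameterUnchecked($pageUid, $type);
    printf(
        "type=%-16s unchecked=%-18s -> %-30s intval=%-6s strict=%s\n",
        var_export($type, true),
        $unchecked,
        toyTypoLinkUrl($unchecked),
        buildShortcutParameterIntval($pageUid, $type),
        buildShortcutParameterStrict($pageUid, $type)
    );
}
```

Running the script with PHP 7.1 or later prints one row per sample: the unchecked variant yields `1,www.typo3.org` and the toy link builder turns it into an off-site target, while both fixed variants reduce the same input to `1`, so the redirect stays on the current site. The two fixes differ only for mixed values such as `12abc`, which `intval()` accepts as type 12 and the strict variant drops entirely.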