Security issue: PDF export in typo3temp
You name that problem, but you give no solution: placing a htaccess file in this directory is no good solution, because it is often neccessary to delete the whole typo3temp directory.
Perhaps you could offer an option in extension manager configuration to disable the PDF export.
Or you could check, whether this directory is protected, when a PDF export is executed. And, if it's not protected, automatically create a htaccess file.
#1 Updated by Nadine Schwingler about 3 years ago
- Status changed from New to Accepted
- Assignee set to Nadine Schwingler
With next TER update, the following will be implemented:
during PDF-creation the typo3temp/ke_questionnaire folder and the typo3temp/ke_questionnaire/pdf folder will be updated with an .htaccess file if needed