TYPO3 Core

For exactly this scenario we have a pageNotFound-Handler in place. We simply link the protected page directly. The handler is called if such a page is hit and no valid user is logged in. We simply redirect to the login page in the handler.

Hi Markus,

For exactly this scenario we have a pageNotFound-Handler in place. We simply link the protected page directly. The handler is called if such a page is hit and no valid user is logged in. We simply redirect to the login page in the handler.

This handling is okay and works perfectly.

The point in my description is that the user is already logged in.

If it calls the protected page from a link in a HTML document it works correctly.

BUT:

If it calls the protected page from a MS Office 2010 Word document it gets redirected to the login page which it shouldn't. As it is already logged in
it should go to the protected page but it doesn't. Maybe you can check this by your own using a MS Office 2010 Word document to verify (or even falsify) my description.

@Mathias:
I will give your solution a try but I have the feeling that it will not change the behavior as the problem is the source (html vs. not html) from where I call the link from.
See my description I gave here to Markus.

I can confirm this problem, although in our case, we don't have a pageNotFound handler implemented. Clicking on a link in Word to a protected page in TYPO3, even when the FE user is logged-in, results in a 403 error IN WORD ITSELF. The cmd+click doesn't even get as far as the browser. I'm assuming that Word pre-checks the availability of the URL before trying to open it in the browser.

Hi Markus and Mark,

thank you for clarifying this issue.

@Mark:

How could you see that the error was in Word itself? Just for curiosity how you detected that. ;-)

@Markus:
What do you think about the fix which we use especially for these Word links in our developed dedicated extension for this:


if ('' !== GeneralUtility::_GET('referer') &&
is_string(GeneralUtility::_GET('referer')) &&
NULL !== $GLOBALS['TSFE']->fe_user->user &&
isset($GLOBALS['TSFE']->fe_user->user['username']) &&
!headers_sent()) {
$this->redirectToUri(GeneralUtility::_GET('referer'));
exit;
}


Maybe you could merge this snippet into the TYPO3 CMS Core to prevent these Word issues - if possible or senseful?

I'm not sure where you wanna put that. But I have doubt that this makes sense at all. You basically say: If we have a referrer and a valid FE user do some redirect. I can imagine that most people wouldn't like this as a general behaviour.

Hi Markus,

ok, you are right. I did not had the view on all users in my mind.

Then you should not merge it in the core and you can close this ticket.

Thank you for your support.

gr. Christian