Project

General

Profile

Actions

Bug #69665

closed

Rendering of TypoScript shortcutIcon does not consider HTTPS (in some cases)

Added by Sybille Peters over 8 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Should have
Category:
TypoScript
Target version:
Start date:
2015-09-11
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
7
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

IMHO it should be possible to enter the URL for shortcutIcon as arbitrary URL, specifically in any the following formats:

The current rendering is not flexible enough for HTTP/ HTTPS because the rendered and cached page will be dependant on the URL scheme first used. This may result in a URL with HTTP scheme used for favicon (if the page is first fetched via http), which will then be cached and used for HTTPS as well resulting in security warnings (mixed content).

TYPO3 source code (4.5 and 6.2 more or less the same):

if ($GLOBALS['TSFE']->pSetup['shortcutIcon']) {
      $favIcon = $GLOBALS['TSFE']->tmpl->getFileName($GLOBALS['TSFE']->pSetup['shortcutIcon']);
      if (is_file(PATH_site . $favIcon)) {
        if (function_exists('finfo_open')) {
          if ($finfo = @finfo_open(FILEINFO_MIME)) {
            $iconMimeType = ' type="' . finfo_file($finfo, (PATH_site . $favIcon)) . '"';
            finfo_close($finfo);
            $pageRenderer->setIconMimeType($iconMimeType);
          }
        }
        $pageRenderer->setFavIcon(GeneralUtility::getIndpEnv('TYPO3_SITE_URL') . $favIcon);
      }

As you can see, it is not possible to use relative or absolute paths because TYPO3_SITE_URL is prepended in any case. It is not possible to use absolute URLs because this will result in is_file failing.

This issue has actually already been reported, but for typo3.org, see https://forge.typo3.org/issues/58265

Any help is appreciated.


Related issues 1 (0 open1 closed)

Follows TYPO3 Core - Bug #15013: shortcut icon syntax incorrect/incompleteClosedMichael Stucki2005-10-08

Actions
Actions

Also available in: Atom PDF