Task #78477: Refactoring of FlashMessage rendering - TYPO3 Core - TYPO3 Forge

Custom queries

Accessibility
Easy tasks
Forge Triage
JavaScript issues
JavaScript Issues (w/o Epics/Stories)
My open issues
No feedback within 90 days
Open Bugs
Open issues of 10
Recently modified
Regressions
Stabilization Issues
Usability or UX

Actions

Copy link

Task #78477

closed

Refactoring of FlashMessage rendering

Added by Frank Nägler about 8 years ago. Updated about 7 years ago.

Status:

Closed

Priority:

Must have

Assignee:

Frank Nägler

Category:

Code Cleanup

Target version:

8.6

Start date:

2016-10-28

Due date:

% Done:

100%

Estimated time:

TYPO3 Version:

PHP Version:

Tags:

Complexity:

Sprint Focus:

Description

The implementation of the rendering of FlashMessages in the core should be optimized.
With #73698 we start a cleanup which removes rendering from different places and centralized the markup with the FlashMessage class.

The problems we identified are:

Security: markup in FlashMessage are not allowed and can open XSS issues
Context: some messages contains markup which is fine in context of backend and frontend, but not in CLI context or maybe other contexts
For the reasons above, we found markup as well in the FlashMessageQueue class

For all this reasons, we need a flexible and secure solution to handle the FlashMessage rendering in different contexts.

Related issues 1 (1 open — 0 closed)

Related to TYPO3 Core - Bug #83733: FlashMessage renderers must not escape user content

New

2018-01-30

Actions

Issue # Delay: days Cancel

History
Notes
Property changes
Associated revisions

Actions

Copy link

Updated by Gerrit Code Review about 8 years ago

Status changed from In Progress to Under Review

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

Updated by Gerrit Code Review about 8 years ago

Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

Updated by Gerrit Code Review about 8 years ago

Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

Updated by Gerrit Code Review about 8 years ago

Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

Updated by Gerrit Code Review about 8 years ago

Patch set 8 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

Updated by Gerrit Code Review about 8 years ago

Patch set 9 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

Updated by Gerrit Code Review about 8 years ago

Patch set 10 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

Updated by Gerrit Code Review about 8 years ago

Patch set 11 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

Updated by Gerrit Code Review about 8 years ago

Patch set 12 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#10

Updated by Gerrit Code Review about 8 years ago

Patch set 13 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#11

Updated by Gerrit Code Review about 8 years ago

Patch set 14 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#12

Updated by Benni Mack almost 8 years ago

Target version changed from 8.5 to 8.6

Actions

Copy link

#13

Updated by Gerrit Code Review almost 8 years ago

Patch set 15 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#14

Updated by Gerrit Code Review almost 8 years ago

Patch set 16 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#15

Updated by Gerrit Code Review almost 8 years ago

Patch set 17 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#16

Updated by Gerrit Code Review almost 8 years ago

Patch set 18 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#17

Updated by Gerrit Code Review almost 8 years ago

Patch set 19 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#18

Updated by Gerrit Code Review almost 8 years ago

Patch set 20 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#19

Updated by Gerrit Code Review almost 8 years ago

Patch set 21 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50285

Actions

Copy link

#20

Updated by Anonymous almost 8 years ago

Status changed from Under Review to Resolved
% Done changed from 0 to 100

Applied in changeset d881b03b7a61d3ce6376fa5d9b03e57e5763a50e.

Actions

Copy link

#21

Updated by Riccardo De Contardi about 7 years ago

Status changed from Resolved to Closed

Actions

Copy link

#22

Updated by Alexander Schnitzler almost 7 years ago

Related to Bug #83733: FlashMessage renderers must not escape user content added

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Task #78477

Refactoring of FlashMessage rendering

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Benni Mack almost 8 years ago

Updated by Gerrit Code Review almost 8 years ago

Updated by Gerrit Code Review almost 8 years ago

Updated by Gerrit Code Review almost 8 years ago

Updated by Gerrit Code Review almost 8 years ago

Updated by Gerrit Code Review almost 8 years ago

Updated by Gerrit Code Review almost 8 years ago

Updated by Gerrit Code Review almost 8 years ago

Updated by Anonymous almost 8 years ago

Updated by Riccardo De Contardi about 7 years ago

Updated by Alexander Schnitzler almost 7 years ago