Bug #83029: GIFBUILDER files cannot be delivered via web server - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #83029

closed

GIFBUILDER files cannot be delivered via web server

Added by Oliver Hader over 6 years ago. Updated over 5 years ago.

Status:

Closed

Priority:

Should have

Assignee:

Category:

Image Generation / GIFBUILDER

Target version:

Start date:

2017-11-17

Due date:

% Done:

100%

Estimated time:

TYPO3 Version:

PHP Version:

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

GIFBUILDER uses provided file names and text snippets in order to generate the final name for files to be written to. In case text snippets start with a dot, this is also reflected into the file name - preventing some web servers to deliver the file since it's considered to be internal.

Since directory separators are correctly converted there are no security vulnerabilities.

TypoScript:

page.20 = IMAGE
page.20.file = GIFBUILDER
page.20.file {
    XY = [10.w]+10, [10.h]+10
    backColor = #cc0000
    10 = TEXT
    10.text = .hello
    10.fontColor = #000000
    10.fontSize = 20
    10.offset = 0,20
}

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Bug #83029

GIFBUILDER files cannot be delivered via web server

Updated by Gerrit Code Review over 6 years ago

Updated by Oliver Hader over 6 years ago

Updated by Gerrit Code Review over 6 years ago

Updated by Oliver Hader over 6 years ago

Updated by Benni Mack over 5 years ago