Bug #86381
closedBackend SSL forwarding does not work
0%
Description
When I activate SSL forwarding in the backend:
LocalConfiguration.php: ['BE']['lockSSL'] => true,
Then a forwarding is made in this function:
\TYPO3\CMS\Backend\Middleware\ForcedHttpsBackendRedirector::process()
Line 48: $request->getAttribute('normalizedParams')->getSiteUrl()
The siteUrl is filled by this method:
$result = \TYPO3\CMS\Core\Http\NormalizedParams::determineSiteUrl(
'http://www.typo3cms9.vm/',
'/typo3cms9/public/typo3/index.php',
'/typo3cms9/public/'
);
And is this here with me:
$result = 'http://www.typo3cm/';
Would not it be better to use parse-url for this method?
http://php.net/manual/en/function.parse-url.php
TYPO3 v9.4.0
Updated by Georg Ringer about 6 years ago
- Status changed from New to Needs Feedback
can't reproduce that with current master, can you retest with master as well? thanks!
Updated by Thomas Schur Schur about 6 years ago
Georg Ringer wrote:
can't reproduce that with current master, can you retest with master as well? thanks!
How can I update to the current master to test it?
I am using composer and can not require dev-master:
"require": {
"fluidtypo3/flux": "^9.0",
"fluidtypo3/vhs": "^5.0",
"typo3/minimal": "^9.4",
"typo3/cms-fluid-styled-content": "^9.4",
"typo3/cms-tstemplate": "^9.4",
"typo3/cms-info": "^9.4",
"typo3/cms-scheduler": "^9.4",
"typo3/cms-reports": "^9.4",
"typo3/cms-rsaauth": "^9.4",
"typo3/cms-belog": "^9.4",
"typo3/cms-beuser": "^9.4",
"typo3/cms-setup": "^9.4"
}
Updated by Benni Mack about 6 years ago
Use
"typo3/cms-scheduler": "dev-master as 9.4.0",
and for all other typo3/cms package to go with latest master.
Updated by Thomas Schur Schur about 6 years ago
The problem persists with me.
Did you test that with the variables in the ticket?
Maybe it is because of what comes in?
composer.json (Cutted):
"require": {
"fluidtypo3/flux": "^9.0",
"fluidtypo3/vhs": "^5.0",
"typo3/minimal": "dev-master",
"typo3/cms-fluid-styled-content": "dev-master",
"typo3/cms-tstemplate": "dev-master",
"typo3/cms-info": "dev-master",
"typo3/cms-scheduler": "dev-master as 9.4.0",
"typo3/cms-reports": "dev-master",
"typo3/cms-rsaauth": "dev-master",
"typo3/cms-belog": "dev-master",
"typo3/cms-beuser": "dev-master",
"typo3/cms-setup": "dev-master",
"typo3/cms-backend": "9.5.*@dev",
"typo3/cms-core": "9.5.*@dev",
"typo3/cms-extbase": "9.5.*@dev",
"typo3/cms-extensionmanager": "9.5.*@dev",
"typo3/cms-filelist": "9.5.*@dev",
"typo3/cms-fluid": "9.5.*@dev",
"typo3/cms-frontend": "9.5.*@dev",
"typo3/cms-install": "9.5.*@dev",
"typo3/cms-recordlist": "9.5.*@dev"
}
composer update (Cutted):
- Updating typo3/phar-stream-wrapper (v1.0.1 => v3.0.0): Downloading (100%)
- Installing typo3/cms-core (dev-master e4df18c): Cloning e4df18cd15 from cache
- Installing typo3/cms-recordlist (dev-master 1cdd933): Cloning 1cdd933176 from cache
- Installing typo3/cms-extbase (dev-master bbd400e): Cloning bbd400ecc4 from cache
- Installing typo3/cms-fluid (dev-master d8d7a06): Cloning d8d7a066d0 from cache
- Installing typo3/cms-install (dev-master d16c743): Cloning d16c7432f7 from cache
- Installing typo3/cms-frontend (dev-master e368be8): Cloning e368be8b82 from cache
- Installing typo3/cms-filelist (dev-master e2a011d): Cloning e2a011d668 from cache
- Installing typo3/cms-extensionmanager (dev-master e67378e): Cloning e67378e21c from cache
- Installing typo3/cms-backend (dev-master 389829b): Cloning 389829bccf from cache
- Installing typo3/cms-fluid-styled-content (dev-master 56ac706): Cloning 56ac706665 from cache
- Installing typo3/cms-tstemplate (dev-master 0bbf279): Cloning 0bbf279232 from cache
- Installing typo3/cms-info (dev-master 7f789a2): Cloning 7f789a25aa from cache
- Installing typo3/cms-scheduler (dev-master 69306b9): Cloning 69306b9feb from cache
- Installing typo3/cms-reports (dev-master 523d2e5): Cloning 523d2e56cb from cache
- Installing typo3/cms-rsaauth (dev-master f3fb8a0): Cloning f3fb8a0458 from cache
- Installing typo3/cms-belog (dev-master ed9412e): Cloning ed9412e12a from cache
- Installing typo3/cms-beuser (dev-master b9cc535): Cloning b9cc535217 from cache
- Installing typo3/cms-setup (dev-master 8cdab94): Cloning 8cdab949c1 from cache
Updated by Benni Mack over 4 years ago
Hmm, yes. I have seen such a behavior with special handling of apache2 or nginx configuration. Can you share your server configuration (especially the try_files on nginx and everything related to URL rewrites)?
Updated by Benni Mack over 4 years ago
- Related to Bug #89312: NormalizedParams->getSiteUrl() contains PHP script wrapper added
Updated by Thomas Schur Schur over 4 years ago
Benni Mack wrote:
Hmm, yes. I have seen such a behavior with special handling of apache2 or nginx configuration. Can you share your server configuration (especially the try_files on nginx and everything related to URL rewrites)?
I no longer use the virtual machine. In development, I now use Docker and enforce https everywhere.
I made a little video to make it a little easier to watch. Recorded with 1080p.
https://youtube.com/watch?v=f8VNQxGAI1s
There is apache and nginx on the server.
If configured, the nginx forwards the apache website to the apache server.
Otherwise the nginx is always responsible.
- typo3demo.vm - nginx wildcard
- apache-demo.vm - nginx redirects to apache
- nginx-demo.vm - nginx direct
The bug seems to be due to the Nginx because it works with Apache.
If you want to try it out for yourself, this will help you:
Note: https://github.com/Cyb10101/dev-vm-linux/
Note: https://github.com/Cyb10101/dev-vm-linux/blob/master/usage.md
Download: https://netslum.de/download/dev-vm-linux/UbuntuDev2018_2019-01-19.ova
- Import OVA in VirtualBox
- Note: Set Network bridge
- Run Virtual Machine
- Login: user
- Password: user
- Get IP: ip a | grep inet
- Note: Recommend to login via SSH, because this is a deprecated project and VirtualBox shell talks too much
- Edit local (not VM -> Real PC) hosts: 192.168.178.115 typo3demo.vm apache-demo.vm nginx-demo.vm
- Note: If you want explizit http server add: apache-demo.vm nginx-demo.vm
- Surf to: http://typo3demo.vm/
- TYPO3 Logo appears
- Surf to: https://typo3demo.vm/
- Accepts Certificate and same website
- Surf to: http://typo3demo.vm/typo3/
- Login: admin
- Password: Admin123
- cd /var/www/typo3demo/public
- vim typo3conf/LocalConfiguration.php
- Line: 5 ([BE][lockSSL] = true)
- 'lockSSL' => true,
- Surf to: http://typo3demo.vm/typo3/
- Error appears
- vim typo3/sysext/backend/Classes/Middleware/ForcedHttpsBackendRedirector.php
- Line: 50
var_dump($request->getAttribute('normalizedParams')->getSiteUrl());
var_dump('https://' . $server . $sslPortSuffix . '/' . $address);
exit(); - Surf to: http://typo3demo.vm/typo3/
- Debug messages appears
Updated by Benni Mack over 4 years ago
Hey Thomas,
great. Thanks for your feedback. We've just merged a change in 9.5.x-dev and master which should hopefully solve your issue as well!
Updated by Thomas Schur Schur over 4 years ago
Hi, I don't know how to get the "9.5.x-dev" branch.
Problem 1
- The requested package typo3/minimal 9.5.x-dev exists as typo3/minimal[10.0.x-dev, ..., 9.0.x-dev, dev-master, 10.4.x-dev, ..., v9.4.0, v9.5.0] but these are rejected by your constraint.
"require": {
"helhum/typo3-console": "^5.5.5",
"typo3/minimal": "9.5.x-dev",
"typo3/cms-about": "9.5.x-dev",
"typo3/cms-adminpanel": "9.5.x-dev",
"typo3/cms-belog": "9.5.x-dev",
"typo3/cms-beuser": "9.5.x-dev",
"typo3/cms-felogin": "9.5.x-dev",
"typo3/cms-fluid-styled-content": "9.5.x-dev",
"typo3/cms-form": "9.5.x-dev",
"typo3/cms-impexp": "9.5.x-dev",
"typo3/cms-info": "9.5.x-dev",
"typo3/cms-redirects": "9.5.x-dev",
"typo3/cms-reports": "9.5.x-dev",
"typo3/cms-rte-ckeditor": "9.5.x-dev",
"typo3/cms-setup": "9.5.x-dev",
"typo3/cms-seo": "9.5.x-dev",
"typo3/cms-sys-note": "9.5.x-dev",
"typo3/cms-t3editor": "9.5.x-dev",
"typo3/cms-tstemplate": "9.5.x-dev",
"typo3/cms-viewpage": "9.5.x-dev"
},
And if I do it myself, I only get error messages in the sys_log.
But it seems to have been fixed in a later update:
- Removing symfony/contracts (v1.0.2)
- Removing psr/simple-cache (1.0.1)
- Removing mso/idna-convert (v1.1.0)
- Removing doctrine/reflection (v1.0.0)
- Removing doctrine/persistence (v1.1.0)
- Removing doctrine/inflector (v1.3.0)
- Removing doctrine/common (v2.10.0)
- Removing doctrine/collections (v1.5.0)
- Updating typo3/cms-composer-installers (v2.2.1 => v2.2.4): Downloading (100%)
- Updating helhum/config-loader (v0.11.0 => v0.12.2): Downloading (100%)
- Updating symfony/process (v4.2.2 => v4.4.5): Downloading (100%)
- Updating symfony/polyfill-mbstring (v1.10.0 => v1.14.0): Downloading (100%)
- Installing symfony/service-contracts (v1.1.8): Downloading (100%)
- Installing symfony/polyfill-php73 (v1.14.0): Downloading (100%)
- Updating symfony/console (v4.2.2 => v4.4.5): Downloading (100%)
- Updating doctrine/lexer (v1.0.1 => 1.2.0): Downloading (100%)
- Updating doctrine/annotations (v1.6.0 => v1.8.0): Downloading (100%)
- Updating typo3fluid/fluid (2.6.0 => 2.6.9): Downloading (100%)
- Updating typo3/phar-stream-wrapper (v3.0.1 => v3.1.4): Downloading (100%)
- Updating symfony/polyfill-ctype (v1.10.0 => v1.14.0): Downloading (100%)
- Updating symfony/yaml (v4.2.2 => v4.4.5): Downloading (100%)
- Updating symfony/routing (v4.2.2 => v4.4.5): Downloading (100%)
- Installing symfony/polyfill-php72 (v1.14.0): Downloading (100%)
- Installing symfony/polyfill-intl-idn (v1.14.0): Downloading (100%)
- Updating symfony/intl (v4.2.2 => v4.4.5): Downloading (100%)
- Updating symfony/polyfill-intl-icu (v1.10.0 => v1.14.0): Downloading (100%)
- Updating symfony/finder (v4.2.2 => v4.4.5): Downloading (100%)
- Updating symfony/var-exporter (v4.2.2 => v4.4.5): Downloading (100%)
- Installing symfony/cache-contracts (v1.1.7): Downloading (100%)
- Updating symfony/cache (v4.2.2 => v4.4.5): Downloading (100%)
- Updating symfony/expression-language (v4.2.2 => v4.4.5): Downloading (100%)
- Updating nikic/php-parser (v4.2.0 => v4.3.0): Downloading (100%)
- Updating ralouphie/getallheaders (2.0.5 => 3.0.3): Downloading (100%)
- Updating guzzlehttp/psr7 (1.5.2 => 1.6.1): Downloading (100%)
- Updating guzzlehttp/guzzle (6.3.3 => 6.4.1): Downloading (100%)
- Updating doctrine/instantiator (1.1.0 => 1.3.0): Downloading (100%)
- Updating doctrine/event-manager (v1.0.0 => 1.1.0): Downloading (100%)
- Updating doctrine/cache (v1.8.0 => 1.10.0): Downloading (100%)
- Updating doctrine/dbal (v2.7.2 => v2.10.1): Downloading (100%)
- Installing algo26-matthias/idna-convert (v1.1.0): Downloading (100%)
- Installing symfony/mime (v4.4.5): Downloading (100%)
- Installing symfony/http-foundation (v4.4.5): Downloading (100%)
- Updating typo3/cms-core (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-scheduler (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-recordlist (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-extbase (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-fluid (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-install (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-frontend (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-filelist (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-extensionmanager (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-backend (v9.5.3 => v9.5.14): Downloading (100%)
- Updating helhum/typo3-console (5.6.0 => v5.8.2): Downloading (100%)
- Updating typo3/cms-about (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-viewpage (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-tstemplate (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-t3editor (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-sys-note (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-seo (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-setup (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-rte-ckeditor (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-reports (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-redirects (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-info (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-impexp (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-form (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-fluid-styled-content (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-felogin (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-beuser (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-belog (v9.5.3 => v9.5.14): Downloading (100%)
- Updating typo3/cms-adminpanel (v9.5.3 => v9.5.14): Downloading (100%)
However, the fix of "Bug #89312" was not included in the package.
https://forge.typo3.org/issues/89312
If you are unsure, you can pull out a VM yourself. That makes it easier.
But I think the ticket is done?
Updated by Susanne Moog over 4 years ago
- Status changed from Needs Feedback to Closed
This has been fixed in recent versions, closing the ticket now. If the issue pops up again, please reopen.