Bug #88094

Opening inline elements fails

Added by Florian Wessels 3 months ago. Updated about 1 month ago.

Status:
Under Review
Priority:
Must have
Assignee:
-
Category:
FormEngine aka TCEforms
Target version:
-
Start date:
2019-04-05
Due date:
% Done:

0%

TYPO3 Version:
9
PHP Version:
7.2
Tags:
Complexity:
easy
Is Regression:
Sprint Focus:

Description

Opening inline elements fails with error `1489751363: Hash does not validate` when sorting of numeric array keys is not ascending.

How to reproduce:

The following TCA is given:

$GLOBALS['TCA']['tx_foo']['columns']['image']['config'] = \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::getFileFieldTCAConfig(
    'image',
    [
        'overrideChildTca' => [
            'types' => [
                \TYPO3\CMS\Core\Resource\File::FILETYPE_IMAGE => [
                    'showitem' => 'some_fields',
                ],
                \TYPO3\CMS\Core\Resource\File::FILETYPE_UNKNOWN => [
                    'showitem' => 'some_fields',
                ],
            ],
        ],
    ],
),

Good to know:
Value of \TYPO3\CMS\Core\Resource\File::FILETYPE_IMAGE is "2".
Value of \TYPO3\CMS\Core\Resource\File::FILETYPE_UNKNOWN is "0"

The JSON the server generates when rendering the inline element is:

{
  "config": {
    "overrideChildTca": {
      "types": {
        "2": {
          "showitem": "some_fields" 
        },
        "0": {
          "showitem": "some_fields" 
        }
      }
    }
  }
}

When you now try to expand the collapsed inline element you will get the error described above.
The Browser (latest Chrome) sends following JSON to the server:

{
  "config": {
    "overrideChildTca": {
      "types": {
        "0": {
          "showitem": "some_fields" 
        }
        "2": {
          "showitem": "some_fields" 
        }
      }
    }
  }
}

Now the ordering of the elements is ascending and the hmac comparison fails.

And yes, the solution is to rearrange the order of the elements in the TCA, but in my opinion that is not the way we should go.

issue88094-fix.diff View (3.24 KB) filigivuji filigivuji, 2019-06-06 23:04

History

#1 Updated by filigivuji filigivuji about 1 month ago

The issue is that the "context" data (over which the hmac is computed) is sent to the browser as a JSON object, which the browser then encodes again using JSON.stringify() when making an AJAX call. However, JavaScript's JSON.stringify does not guarantee to return the same string as PHP's json_encode, e.g. because JSON objects do not have a defined order[0].
The fix is to pass the "context" as a string and not as a JSON object. I've created and attached a patch based on TYPO3 9.5.7 which implements this which fixes this issue in my tests. (I cannot log in to review.typo3.org, so I can't create a change in Gerrit.)

I had this issue with the Gridelements extension, which had a "columns" key (so alphabetic and not numeric) in the "overrideChildTca" object when adding an image to a Gridelements content element.
TYPO3 generated this context JSON (beautified for better readability):

{
    "type": "inline",
...
    "overrideChildTca": {
        "0": {
            "showitem": "--palette--;LLL:EXT:lang\/locallang_tca.xlf:sys_file_reference.imageoverlayPalette;imageoverlayPalette, --palette--;;filePalette" 
        },
...
        "columns": {
            "uid_local": {
                "config": {
                    "appearance": {
                        "elementBrowserType": "file",
                        "elementBrowserAllowed": "" 
                    }
                }
            }
        },
    },
...
}

However the JavaScript used the following in its AJAX call in Chromium (via JSON.stringify):

{
    "type": "inline",
...
    "overrideChildTca": {
        "columns": {
            "uid_local": {
                "config": {
                    "appearance": {
                        "elementBrowserType": "file",
                        "elementBrowserAllowed": "" 
                    }
                }
            }
        },
        "0": {
            "showitem": "--palette--;LLL:EXT:lang\/locallang_tca.xlf:sys_file_reference.imageoverlayPalette;imageoverlayPalette, --palette--;;filePalette" 
        },
...
    },
...
}

Note that even if all keys were numeric, one cannot rely on JSON.stringify to order the object keys numerically. That's why in my patch I just pass around the context as a string.

[0]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify "Properties of non-array objects are not guaranteed to be stringified in any particular order. Do not rely on ordering of properties within the same object within the stringification."

#2 Updated by Gerrit Code Review about 1 month ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/61042

#3 Updated by Gerrit Code Review about 1 month ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/61042

Also available in: Atom PDF