Bug #89312

NormalizedParams->getSiteUrl() contains PHP script wrapper

Added by Oliver Hader 8 months ago. Updated 2 months ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Link Handling, Site Handling & Routing
Target version:
-
Start date:
2019-09-30
Due date:
% Done:

100%

TYPO3 Version:
9
PHP Version:
7.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

siteUrl = http://ip10.local/fcgi/
scriptFilename = /Users/olly/Development/vhosts/ip10.local/typo3/index.php
scriptName = /fcgid-bin/wrapper

siteUrl contains PHP wrapper script in this scenario

_SERVER values

Array
(
    [PHPRC] => /opt/local/apache2/fcgid/php72
    [PATH] => /usr/bin:/bin:/usr/sbin:/sbin
    [PWD] => /opt/local/etc/apache2/fcgid/php72
    [ORIG_SCRIPT_NAME] => /fcgid-bin/wrapper
    [ORIG_PATH_TRANSLATED] => /Users/olly/Development/vhosts/ip10.local/typo3/index.php
    [ORIG_PATH_INFO] => /typo3/index.php
    [ORIG_SCRIPT_FILENAME] => /opt/local/etc/apache2/fcgid/php72/wrapper
    [SCRIPT_NAME] => /typo3/index.php
    [REQUEST_URI] => /typo3/index.php?route=%2Fajax%2Fpage%2Ftree%2FfetchData&token=5d628d55306ca7224c9b2dbd0fa0821df2c1feba
    [QUERY_STRING] => route=%2Fajax%2Fpage%2Ftree%2FfetchData&token=5d628d55306ca7224c9b2dbd0fa0821df2c1feba
    [REQUEST_METHOD] => GET
    [SERVER_PROTOCOL] => HTTP/1.1
    [GATEWAY_INTERFACE] => CGI/1.1
    [REDIRECT_QUERY_STRING] => route=%2Fajax%2Fpage%2Ftree%2FfetchData&token=5d628d55306ca7224c9b2dbd0fa0821df2c1feba
    [REDIRECT_URL] => /typo3/index.php
    [REMOTE_PORT] => 60065
    [SCRIPT_FILENAME] => /Users/olly/Development/vhosts/ip10.local/typo3/index.php
    [CONTEXT_DOCUMENT_ROOT] => /opt/local/etc/apache2/fcgid/php72/
    [CONTEXT_PREFIX] => /fcgid-bin/
    [REQUEST_SCHEME] => http
    [DOCUMENT_ROOT] => /Users/olly/Development/vhosts/ip10.local
    [REMOTE_ADDR] => 127.0.0.1
    [SERVER_PORT] => 80
    [SERVER_ADDR] => 127.0.0.1
    [SERVER_NAME] => ip10.local
    [SERVER_SOFTWARE] => Apache/2.4.41 (Unix) OpenSSL/1.0.2s mod_fcgid/2.3.9
    [HTTP_HOST] => ip10.local
    [REDIRECT_STATUS] => 200
    [REDIRECT_HANDLER] => php-fcgid
    [REDIRECT_CWD] => /
    [FCGI_ROLE] => RESPONDER
    [PHP_SELF] => /typo3/index.php
    [REQUEST_TIME_FLOAT] => 1569838796.9877
    [REQUEST_TIME] => 1569838796
)

incorrect.png View (187 KB) Oliver Hader, 2020-03-07 12:57

fixed.png View (186 KB) Oliver Hader, 2020-03-07 12:57


Related issues

Related to TYPO3 Core - Bug #89311: Flaws in site configuration when creating new page on root-level Needs Feedback 2019-09-30
Related to TYPO3 Core - Bug #86381: Backend SSL forwarding does not work Closed 2018-09-25
Related to TYPO3 Core - Bug #90733: Backend: LastLoginProvider is no longer stored in the cookie. Closed 2020-03-11

Associated revisions

Revision 045d4dc5 (diff)
Added by Oliver Hader 3 months ago

[BUGFIX] Consider CGI wrapper for NormalizedParams->getSiteUrl()

When using a CGI wrapper to dispatch the PHP process `ORIG_SCRIPT_NAME`
contains the name of the wrapper script (which is most probably outside
the TYPO3's project root) and leads to invalid prefixes, e.g. resolving
the `siteUrl` incorrectly as `http://ip10.local/fcgi/` instead of
actual `http://ip10.local/`.

Resolves: #89312
Releases: master, 9.5
Change-Id: Ib0732344deb0f2e71e06a4a1929bb712cd4f2239
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63602
Tested-by: TYPO3com <>
Tested-by: Riccardo De Contardi <>
Tested-by: Susanne Moog <>
Tested-by: Benni Mack <>
Reviewed-by: Susanne Moog <>
Reviewed-by: Benni Mack <>

Revision f734946d (diff)
Added by Oliver Hader 3 months ago

[BUGFIX] Consider CGI wrapper for NormalizedParams->getSiteUrl()

When using a CGI wrapper to dispatch the PHP process `ORIG_SCRIPT_NAME`
contains the name of the wrapper script (which is most probably outside
the TYPO3's project root) and leads to invalid prefixes, e.g. resolving
the `siteUrl` incorrectly as `http://ip10.local/fcgi/` instead of
actual `http://ip10.local/`.

Resolves: #89312
Releases: master, 9.5
Change-Id: Ib0732344deb0f2e71e06a4a1929bb712cd4f2239
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63584
Tested-by: TYPO3com <>
Tested-by: Benni Mack <>
Reviewed-by: Benni Mack <>

History

#1 Updated by Oliver Hader 8 months ago

  • Description updated (diff)

#2 Updated by Oliver Hader 8 months ago

  • Related to Bug #89311: Flaws in site configuration when creating new page on root-level added

#3 Updated by Oliver Hader 8 months ago

  • TYPO3 Version changed from 10 to 9

#4 Updated by Benni Mack 3 months ago

  • Related to Bug #86381: Backend SSL forwarding does not work added

#5 Updated by Gerrit Code Review 3 months ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63602

#6 Updated by Oliver Hader 3 months ago

How to reproduce/test:

  • in TYPO3 v10
  • in workspace module on a workspace having changes
  • "generate preview URL" and open the first link
  • frontend will open and render correctly
  • warning box right top "stop preview" contains the relevant incorrect link (http://ip10.local/fcgid-bin/index.php?returnUrl=%2Fen%2Ffeatures%3F&ADMCMD_prev=LOGOUT)

Incorrect

Fixed

#7 Updated by Gerrit Code Review 3 months ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63602

#8 Updated by Gerrit Code Review 3 months ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63602

#9 Updated by Gerrit Code Review 3 months ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63602

#10 Updated by Gerrit Code Review 3 months ago

Patch set 1 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63584

#11 Updated by Gerrit Code Review 3 months ago

Patch set 2 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63584

#12 Updated by Gerrit Code Review 3 months ago

Patch set 3 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63584

#13 Updated by Oliver Hader 3 months ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100

#14 Updated by Markus Klein 3 months ago

  • Related to Bug #90733: Backend: LastLoginProvider is no longer stored in the cookie. added

#15 Updated by Benni Mack 2 months ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF