Actions
Bug #89386
closedBackend module "FileList" not fully compatible with protected (not public accessible) directories
Status:
Rejected
Priority:
Should have
Assignee:
-
Category:
Backend User Interface
Target version:
-
Start date:
2019-10-09
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
9
PHP Version:
7.2
Tags:
Complexity:
Is Regression:
Sprint Focus:
Description
Using backend module "FileList" it is not possible to view a file when it is located inside a protected (not public accessible, e.g. protected by .htaccess) directory. To reproduce:
- Place any file (e.g. pdf) inside any folder (e.g. fileadmin/test/).
- Also, put a .htaccess file inside the same folder containing "Deny from all".
- Now go to "FileList" and navigate to this folder. Everything works fine until here (rendering previews etc.)...
- Now click on the pdf icon -> info -> and inside the popup -> click on the button "show". This leads to "403 access denied".
So it would be much better to handle this "show" action by any php method (read the file contents, send headers and echo file content) instead of directly calling the public url of the file.
Actions