Project

General

Profile

Actions

Bug #90006

closed

61657: [BUGFIX] Do not fall back to routes on invalid “id” -- missing for typenum and eId

Added by Bostjan Kristl almost 5 years ago. Updated almost 3 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Site Handling, Site Sets & Routing
Target version:
-
Start date:
2019-12-23
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
9
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

In this bug fix 61657: [BUGFIX] Do not fall back to routes on invalid “id”
for fall back is now error page when we use type (typeNum) pages and id as query parameter ! (for eId script i haven't checked)

---------------------------------------------------------------------------------------------------------
Before fix it was:


$requestId = (string)($request->getQueryParams()['id'] ?? '');
            if (!empty($requestId) && !empty($page = $this->resolvePageId($requestId))) {

---------------------------------------------------------------------------------------------------------
with buxfix is:

$requestId = (string)($request->getQueryParams()['id'] ?? '');
            if (!empty($requestId)) {
                $page = $this->resolvePageId($requestId);
                if ($page === null) {
                    return GeneralUtility::makeInstance(ErrorController::class)->pageNotFoundAction(
                        $request,
                        'The requested page does not exist',
                        ['code' => PageAccessFailureReasons::PAGE_NOT_FOUND]
                    );
                }

---------------------------------------------------------------------------------------------------------
BUT is supposed to be:


$requestId = (string)($request->getQueryParams()['id'] ?? '');

            if (!empty($requestId)) {

                $requestType = (int)($request->getQueryParams()['type'] ?? null);

                if ($requestType !== null && $this->resolvePageId($requestId) === null) {
                    return GeneralUtility::makeInstance(ErrorController::class)->pageNotFoundAction(
                        $request,
                        'The requested page does not exist',
                        ['code' => PageAccessFailureReasons::PAGE_NOT_FOUND]
                    );
                }

Because we need to check if is eID script or type (typeNum) page.

Regards,
Bostjan

Actions

Also available in: Atom PDF