Bug #91844
closed
Epic #92636: felogin bug collection
felogin Redirect to referer is not working at all with Site config 403 errorHandler
100%
Description
When having protected pages which should show the login form for non-authenticated users you need to have this erroHandler:
errorCode: '403'
errorHandler: Page
errorContentSource: 't3://page?uid=12345'
This page has a felogin plugin configured to redirect back to the referer. This does not work at all: the login itself works but you just stay on the login page instead of being returned.
On v8 everything worked fine -> regression.
Probably related: #90157
Updated by Stefan P over 3 years ago
- Related to Bug #90157: missing possibility to send return_url Parameter with 403 standard errorhandler added
Updated by Stefan P over 3 years ago
My current workaround is this:
Extend \TYPO3\CMS\Core\Error\PageErrorHandler\PageContentErrorHandler and use it as :
-
errorCode: '403'
errorHandler: PHP
errorContentSource: 't3://page?uid=123'
errorPhpClassFQCN: 'Vendor\Package\AccessDeniedPageContentErrorHandler'
Override handlePageError in there and alter the resolved url like this:
$parsedUrlParts = \parse_url($resolvedUrl);
$resolvedUrl .= (isset($parsedUrlParts['query']) ? '&' : '?') . 'referer=' . \urlencode((string)$request->getUri());
Other use cases may need other changes to the url, this one is working for referer mode of felogin.
Updated by Markus Klein over 3 years ago
- Status changed from New to Needs Feedback
The PageContentErrorHandler makes an internal request to the specified page, hence there is of course no referrer.
The feature you would like to have is presumably
https://docs.typo3.org/m/typo3/reference-typoscript/10.4/en-us/Setup/Config/Index.html#typolinklinkaccessrestrictedpages
Updated by Stefan P over 3 years ago
Markus Klein wrote:
The PageContentErrorHandler makes an internal request to the specified page, hence there is of course no referrer.
The feature you would like to have is presumably
https://docs.typo3.org/m/typo3/reference-typoscript/10.4/en-us/Setup/Config/Index.html#typolinklinkaccessrestrictedpages
felogin: loginMode=referer does not use HTTP Referer header... It uses an URL parameter named "referer" which the core could append for sure (see my workaround, I exactly do this). The core error handler does not append it. TYPO3 8 did this, however. That's the bug (see description and my current workaround).
felogin is pure core. We upgraded from 8 to 9 and loginMode=referer stopped working (without any config change on our side). What further information is needed here? v9 just broke this feature.
Updated by Stefan P over 3 years ago
And what does typolinkLinkAccessRestrictedPages has to do with this issue? I already build links to access restricted pages. That's the whole story behind this issue (a user clicks on a access restricted link to get redirected back to it after login - that's promised core functionality).
The bug is that felogin expects a GET parameter that the core does not deliver anymore.
Updated by Stefan P over 3 years ago
Updated by Markus Klein over 3 years ago
Okay, I obviously misunderstood your report then.
Can you please describe the setup that is needed to reproduce the issue?
So felogin config, plugin settings, requested page where the redirect to the login is expected, error handler config that does the redirect, and so forth.
Thanks.
felogin: loginMode=referer does not use HTTP Referer header...
citing from the source code of v8 $referer = $this->referer ? $this->referer : GeneralUtility::getIndpEnv('HTTP_REFERER');
Updated by Stefan P over 3 years ago
The setup is easy:
- Have a menu pointing to an access restricted page ("access when logged in" or for a specific user group). Totally core.
- Have a the core 403 error handler configured for this site. Totally core
errorCode: '403' errorHandler: Page errorContentSource: 't3://page?uid=12345' - on this
pages.uid=12345have a felogin plugin, totally core - configure this plugin in its flexform as redirectMode=referer, totally core
- In the FE be logged out and click on the menu pointing to the restricted page, totally core
- The 12345 with felogin plugin is shown, totally core
- Login, totally core
- TYPO3 8 redirected back to the restricted page (now unrestricted), TYPO3 9 stays on the error page (but being logged in)
The referenced issue #90157 is basically exactly the same, but for loginMode=getpost (it sets the return url by a GET parameter redirect_url which the 403 error handler does not send as well):
https://docs.typo3.org/c/typo3/cms-felogin/9.5/en-us/LoginMechanism/RedirectModes/Index.html#defined-by-get-post-vars
Yes, you are right about the referer, it actually can fall back to HTTP referer. Didn't know this, because in our case it was always the referer parameter. Not sure what the core did to decide between query param or HTTP header when doing the 403 action. But anyways, this is just HTTP: just as you can add a GET paremeter for an "internal" request you could also append any HTTP header (including Referer) to the "internal" request, if you prefer this. HTTP is just a text document in the end.
felogin relies on the core to send specific parameters (either GET or, as I just learned, also HTTP header). TYPO3 9 dropped this without warning.
Updated by Markus Klein over 3 years ago
- Category changed from Authentication to Link Handling, Site Handling & Routing
- Status changed from Needs Feedback to Accepted
- Priority changed from Should have to Must have
Updated by Markus Kappe over 2 years ago
This bug still exists in 10.4.21
Any progress?
Updated by Benni Mack about 2 years ago
- Status changed from Accepted to Needs Feedback
Can you explain how this is related to "fe_login_mode" in your installation? I did not find the details in this issue on how the pages setup is (with fe_login_mode)
Updated by Stefan P about 2 years ago
- Subject changed from felogin Redirect to referer is not working at all in combination with fe_login_mode and Site config 403 errorHandler to felogin Redirect to referer is not working at all with Site config 403 errorHandler
Updated by Stefan P about 2 years ago
This was probably a "typo". The variable meant is settings.redirectMode from teh flexform, I probably mixed it up in my head with pages.fe_login_mode.
Updated by Wolfgang Wagner about 2 years ago
It seems, that this problem still exists in TYPO3 11.
Updated by Stefan P about 2 years ago
- Related to Bug #92068: felogin (extbase) redirect from GET/POST is not working properly added
Updated by Stefan P about 2 years ago
- TYPO3 Version changed from 9 to 10
Changed to v10 because v9 is dead.
Updated by Stefan P about 2 years ago
- Related to Bug #96813: BeforeRedirectEvent is not useful at all because it accepts no arguments and the return value is ignored added
Updated by Stefan P about 2 years ago
- Related to Epic #96814: Totally broken felogin redirect mechanism added
Updated by Anonymous 
Updated by
Updated by Oliver Hader over 1 year ago
Still an issue in TYPO3 v12.0.0! Why isn't somebody picking this up? I've been waiting very long already...
Updated by Gerrit Code Review over 1 year ago
- Status changed from Needs Feedback to Under Review
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/77204
Updated by Torben Hansen over 1 year ago
There is a patch available now. Please test carefully and vote to get the bug fixed.
Updated by Torben Hansen over 1 year ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 3cbf82a40fbd1638a0a2694ba654d17173ea2648.
Updated by Gerrit Code Review over 1 year ago
- Status changed from Resolved to Under Review
Patch set 1 for branch 11.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/77401
Updated by Gerrit Code Review over 1 year ago
Patch set 2 for branch 11.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/77401
Updated by Torben Hansen about 1 year ago
- Status changed from Under Review to Resolved
Applied in changeset ac629148b6ce0cc10ae7a85ab1af13d4c7410855.
Updated by Markus Klein about 1 year ago
- Related to Bug #99920: Referer redirect broken after update to 11.5.23 added
Updated by Marvin Müller 11 months ago
- Related to Bug #100715: felogin redirect mode by http referer is not working added
Updated by Wolfgang Wagner 11 months ago
The problem reappears for me in a 12.4.1 installation. Can anyone confirm this?