Project

General

Profile

Actions

Bug #94963

open

PageRouter generates invalid URLs for access restricted mountpoints

Added by Georg Tiefenbrunn over 3 years ago. Updated over 1 year ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
Site Handling, Site Sets & Routing
Target version:
-
Start date:
2021-08-23
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
10
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

site
  + A [id=1, slug=/a]
    + B [id=2, slug=/a/b]
  + C [id=3, slug=/c, mount_pid=1, mount_pid_ol=1]

If A has no access restriction (fe_group) links generated using \TYPO3\CMS\Frontend\DataProcessing\MenuProcessor (HMENU, special=list) are valid. The mounted page B will point to /c/b.

If access restrictions are applied (showAccessRestrictedPages=1) PageRouter::resolveMountPointParameterIntoPageSlug() does not remove the slug prefix. The mounted page B will point to /c/a/b.

master: https://github.com/TYPO3/typo3/blob/master/typo3/sysext/core/Classes/Routing/PageRouter.php#L429
10.4: https://github.com/TYPO3/typo3/blob/10.4/typo3/sysext/core/Classes/Routing/PageRouter.php#L428

                $mountedPage = $pageRepository->getPage($mountedPage);
                $mountRoot = $pageRepository->getPage($mountRoot);

If getPage() is called using $disableGroupAccessCheck=true valid URLs are generated.


Related issues 1 (1 open0 closed)

Related to TYPO3 Core - Bug #97263: findPageCandidatesOfMountPoint breaks slugs if mount points to a folder and slugs start with the same stringNew2022-03-31

Actions
Actions

Also available in: Atom PDF