Bug #95579: Properly encode JSON when forwarding to RequireJS - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #95579

closed

Properly encode JSON when forwarding to RequireJS

Added by Oliver Hader about 3 years ago. Updated about 2 years ago.

Status:

Closed

Priority:

Should have

Assignee:

Category:

Backend JavaScript

Target version:

Start date:

2021-10-12

Due date:

% Done:

100%

Estimated time:

TYPO3 Version:

PHP Version:

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

When forwarding configuration as JSON encoded data when loading RequireJS modules in form engine, escape sequences need to be handled explicitly. It is not possible to break the serialization by injection techniques, however client-side parsing might fail.

The problem has been discovered, when PHP class names (\Vendor\Package\Name) lead to client-side JSON parsing errors, e.g. JSON.parse('"\\Vendor\\Package\\Name"');.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Bug #95579

Properly encode JSON when forwarding to RequireJS

Updated by Oliver Hader about 3 years ago

Updated by Gerrit Code Review about 3 years ago

Updated by Oliver Hader about 3 years ago

Updated by Benni Mack about 2 years ago