Bug #95644
closed
favicon doesn't work in TYPO3 11.5.1 anymore / FilePathSanitizer problem?
100%
Description
page.favicon.file (as a constant) und page.shortcutIcon (in setup) don't work anymore.
No favicon in output anymore.
Still works in TYPO3 11.5.0.
Perhaps this is caused by an error in FilePathSanitizer, which also didn't work as expected in some extensions:
GeneralUtility::makeInstance(FilePathSanitizer::class)->sanitize('EXT:myext/...'])
returns
/typo3conf/ext/myext/...
which "is not located in the allowed paths" (error message) and not the following string without the leading slash (as under 11.5.0):
typo3conf/ext/myext/...
Trying to add the $allowExtensionPath
GeneralUtility::makeInstance(FilePathSanitizer::class)->sanitize('EXT:myext/...'], true)
returns
EXT:myext/...
which is not working either.
Updated by
Updated by Florian Rival about 3 years ago
- Complexity set to easy
- Is Regression set to Yes
Same problem for me.
An easy way to resolve this is to remove the first slash before using strpos in method FilePathSanitizer::sanitize():
// Check if the found file is in the allowed paths
$relativePath = ltrim($relativePath, "/");
foreach ($this->allowedPaths as $allowedPath) {
if (strpos($relativePath, $allowedPath) === 0) {
return $relativePath;
}
}
Updated by Gerrit Code Review about 3 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71804
Updated by Gerrit Code Review about 3 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71806
Updated by Gerrit Code Review about 3 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71806
Updated by Gerrit Code Review about 3 years ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71806
Updated by Gerrit Code Review about 3 years ago
Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71806
Updated by Gerrit Code Review about 3 years ago
Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71806
Updated by Gerrit Code Review about 3 years ago
Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71806
Updated by Helmut Hummel about 3 years ago
- Has duplicate Bug #95726: TS: shortcutIcon no longer resolves EXT-paths added
Updated by Helmut Hummel about 3 years ago
- Related to Bug #95481: Configuring custom PageRenderer template can throw exception added
Updated by Gerrit Code Review about 3 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71804
Updated by Helmut Hummel about 3 years ago
- Status changed from Under Review to Needs Feedback
Can you please check out the fix and vote if it works for you?
Thanks https://review.typo3.org/c/Packages/TYPO3.CMS/+/71804
Updated by Florian Rival about 3 years ago
- Status changed from Needs Feedback to Resolved
- % Done changed from 0 to 100
Applied in changeset 4a87bd2eda68b8c286806cfbfa09abb79c3f8c1c.
Updated by