Actions
Bug #95683
closed
TYPO3's Backend login presents an HTTP 500 if "Accept-Language" is omitted
Status:
Closed
Priority:
Should have
Assignee:
-
Category:
System/Bootstrap/Configuration
Target version:
-
Start date:
2021-10-17
Due date:
% Done:
100%
Estimated time:
TYPO3 Version:
11
PHP Version:
8.0
Tags:
Complexity:
easy
Is Regression:
Sprint Focus:
Description
Currently, TYPO3 (tested with 11.5.1) throws an exception when it encounters a request lacking an Accept-Language header. You can test this e.g. with HTTPie, such as:
$ http --print hH https://develop.review.mfc.gmbh/typo3/ GET /typo3/ HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate Connection: keep-alive Host: develop.review.mfc.gmbh User-Agent: HTTPie/2.4.0 HTTP/1.1 500 Internal Server Error Connection: keep-alive Content-Type: text/html; charset=UTF-8 Date: Sun, 17 Oct 2021 19:56:51 GMT Referrer-policy: same-origin Server: nginx/1.19.2 Strict-Transport-Security: max-age=15724800; includeSubDomains Transfer-Encoding: chunked X-Content-Type-Options: nosniff X-Powered-By: PHP/8.0.11 X-UA-Compatible: IE=edge
whereas
$ http --print hH https://develop.review.mfc.gmbh/typo3/ "Accept-Language: de" GET /typo3/ HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: de Connection: keep-alive Host: develop.review.mfc.gmbh User-Agent: HTTPie/2.4.0 HTTP/1.1 200 OK Cache-Control: no-cache, must-revalidate Connection: keep-alive Content-Encoding: gzip Content-Length: 3107 Content-Type: text/html; charset=utf-8 Date: Sun, 17 Oct 2021 20:01:39 GMT Expires: 0 Last-Modified: Sun, 17 Oct 2021 20:01:39 GMT Pragma: no-cache Referrer-policy: same-origin Server: nginx/1.19.2 Set-Cookie: be_typo_user=deleted; expires=Sat, 17-Oct-2020 20:01:38 GMT; Max-Age=0; path=/; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Vary: Accept-Encoding X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Powered-By: PHP/8.0.11 X-UA-Compatible: IE=edge
This is due to the following lines in \TYPO3\CMS\Backend\Controller\LoginController:
$httpAcceptLanguage = $request->getServerParams()['HTTP_ACCEPT_LANGUAGE'];
$preferredBrowserLanguage = GeneralUtility::makeInstance(Locales::class)->getPreferredClientLanguage($httpAcceptLanguage);
However, the presence of an Accept-Language is IMHO not a strict requirement in a valid HTTP request (although most browsers will include it). Hence, TYPO3 should fallback gracefully to one of its available backend languages (such as English) if the client does not provide a preference.
Updated by Christian Spoo about 3 years ago
- Subject changed from TYPO3's Backend login presents an HTTP 500 to TYPO3's Backend login presents an HTTP 500 if "Accept-Language" is omitted
Updated by Georg Ringer about 3 years ago
- Status changed from Accepted to Needs Feedback
hmm works on my machine
http --print hH http://t3-master.vm/typo3/ GET /typo3/ HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate Connection: keep-alive Host: t3-master.vm User-Agent: HTTPie/2.5.0 HTTP/1.1 200 OK Cache-Control: no-cache, must-revalidate Connection: Keep-Alive Content-Encoding: gzip Content-Length: 3109 Content-Type: text/html; charset=utf-8 Date: Mon, 18 Oct 2021 11:25:13 GMT Expires: 0 Keep-Alive: timeout=5, max=100 Last-Modified: Mon, 18 Oct 2021 11:25:15 GMT Pragma: no-cache Server: Apache/2.4.38 (Debian) Set-Cookie: be_typo_user=deleted; expires=Sun, 18-Oct-2020 11:25:14 GMT; Max-Age=0; path=/; httponly; samesite=lax Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-UA-Compatible: IE=edge
which error do you get?
Updated by Christian Spoo about 3 years ago
Georg Ringer wrote in #note-3:
which error do you get?
Mon, 18 Oct 2021 14:59:16 +0200 [CRITICAL] request="cadce96800630" component="TYPO3.CMS.Core.Error.DebugExceptionHandler": Core: Exception handler (WEB: BE): TYPO3\CMS\Core\Error\Exception, code #1476107295, file /var/www/html/public/typo3/sysext/core/Classes/Error/ErrorHandler.php, line 145: PHP Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /var/www/html/public/typo3/sysext/backend/Classes/Controller/LoginController.php line 218- Exception: PHP Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /var/www/html/public/typo3/sysext/backend/Classes/Controller/LoginController.php line 218, in file /var/www/html/public/typo3/sysext/core/Classes/Error/ErrorHandler.php:145 - {"mode":"WEB","application_mode":"BE","exception_class":"TYPO3\\CMS\\Core\\Error\\Exception","exception_code":1476107295,"file":"/var/www/html/public/typo3/sysext/core/Classes/Error/ErrorHandler.php","line":145,"message":"PHP Warning: Undefined array key \"HTTP_ACCEPT_LANGUAGE\" in /var/www/html/public/typo3/sysext/backend/Classes/Controller/LoginController.php line 218","request_url":"https://local.mfc.gmbh:8081/typo3/","exception":"TYPO3\\CMS\\Core\\Error\\Exception: PHP Warning: Undefined array key \"HTTP_ACCEPT_LANGUAGE\" in /var/www/html/public/typo3/sysext/backend/Classes/Controller/LoginController.php line 218 in /var/www/html/public/typo3/sysext/core/Classes/Error/ErrorHandler.php:145\nStack trace:\n#0 /var/www/html/public/typo3/sysext/backend/Classes/Controller/LoginController.php(218): TYPO3\\CMS\\Core\\Error\\ErrorHandler->handleError(2, 'Undefined array...', '/var/www/html/p...', 218)\n#1 /var/www/html/public/typo3/sysext/backend/Classes/Controller/LoginController.php(142): TYPO3\\CMS\\Backend\\Controller\\LoginController->init(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#2 /var/www/html/public/typo3/sysext/backend/Classes/Http/RouteDispatcher.php(91): TYPO3\\CMS\\Backend\\Controller\\LoginController->formAction(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#3 /var/www/html/public/typo3/sysext/backend/Classes/Http/RequestHandler.php(110): TYPO3\\CMS\\Backend\\Http\\RouteDispatcher->dispatch(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#4 /var/www/html/public/typo3/sysext/core/Classes/Middleware/ResponsePropagation.php(34): TYPO3\\CMS\\Backend\\Http\\RequestHandler->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#5 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Core\\Middleware\\ResponsePropagation->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(TYPO3\\CMS\\Backend\\Http\\RequestHandler))\n#6 /var/www/html/public/typo3/sysext/backend/Classes/Middleware/SiteResolver.php(69): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#7 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Backend\\Middleware\\SiteResolver->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(Psr\\Http\\Server\\RequestHandlerInterface@anonymous))\n#8 /var/www/html/public/typo3/sysext/backend/Classes/Middleware/AdditionalResponseHeaders.php(41): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#9 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Backend\\Middleware\\AdditionalResponseHeaders->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(Psr\\Http\\Server\\RequestHandlerInterface@anonymous))\n#10 /var/www/html/public/typo3/sysext/backend/Classes/Middleware/OutputCompression.php(47): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#11 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Backend\\Middleware\\OutputCompression->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(Psr\\Http\\Server\\RequestHandlerInterface@anonymous))\n#12 /var/www/html/public/typo3/sysext/backend/Classes/Middleware/BackendUserAuthenticator.php(165): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#13 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Backend\\Middleware\\BackendUserAuthenticator->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(Psr\\Http\\Server\\RequestHandlerInterface@anonymous))\n#14 /var/www/html/public/typo3/sysext/backend/Classes/Middleware/BackendRouteInitialization.php(86): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#15 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Backend\\Middleware\\BackendRouteInitialization->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(Psr\\Http\\Server\\RequestHandlerInterface@anonymous))\n#16 /var/www/html/public/typo3/sysext/backend/Classes/Middleware/ForcedHttpsBackendRedirector.php(55): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#17 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Backend\\Middleware\\ForcedHttpsBackendRedirector->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(Psr\\Http\\Server\\RequestHandlerInterface@anonymous))\n#18 /var/www/html/public/typo3/sysext/backend/Classes/Middleware/LockedBackendGuard.php(75): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#19 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Backend\\Middleware\\LockedBackendGuard->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(Psr\\Http\\Server\\RequestHandlerInterface@anonymous))\n#20 /var/www/html/public/typo3/sysext/core/Classes/Middleware/NormalizedParamsAttribute.php(45): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#21 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Core\\Middleware\\NormalizedParamsAttribute->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(Psr\\Http\\Server\\RequestHandlerInterface@anonymous))\n#22 /var/www/html/public/typo3/sysext/core/Classes/Middleware/VerifyHostHeader.php(55): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#23 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(172): TYPO3\\CMS\\Core\\Middleware\\VerifyHostHeader->process(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest), Object(Psr\\Http\\Server\\RequestHandlerInterface@anonymous))\n#24 /var/www/html/public/typo3/sysext/core/Classes/Http/MiddlewareDispatcher.php(78): Psr\\Http\\Server\\RequestHandlerInterface@anonymous->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#25 /var/www/html/public/typo3/sysext/core/Classes/Http/AbstractApplication.php(85): TYPO3\\CMS\\Core\\Http\\MiddlewareDispatcher->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#26 /var/www/html/public/typo3/sysext/backend/Classes/Http/Application.php(72): TYPO3\\CMS\\Core\\Http\\AbstractApplication->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#27 /var/www/html/public/typo3/sysext/core/Classes/Http/AbstractApplication.php(97): TYPO3\\CMS\\Backend\\Http\\Application->handle(Object(TYPO3\\CMS\\Core\\Http\\ServerRequest))\n#28 /var/www/html/public/typo3/index.php(20): TYPO3\\CMS\\Core\\Http\\AbstractApplication->run()\n#29 /var/www/html/public/typo3/index.php(21): {closure}()\n#30 {main}"}
Updated by Georg Ringer about 3 years ago
- Status changed from Needs Feedback to Accepted
Updated by Georg Ringer about 3 years ago
- Related to Bug #95625: Avoid warning from optional HTTP_ACCEPT_LANGUAGE added
Updated by Gerrit Code Review about 3 years ago
- Status changed from Accepted to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71879
Updated by Georg Ringer about 3 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset d438dd701e47601b1e0af1279aa4f34623ae0b8e.
Updated by
Actions