Project

General

Profile

Actions

Bug #97033

open

Entry points are not properly sanitized in the site configuration

Added by Michael Schams over 2 years ago. Updated over 2 years ago.

Status:
Accepted
Priority:
Should have
Assignee:
-
Category:
Backend User Interface
Target version:
-
Start date:
2022-02-25
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
11
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

TYPO3 v11.5.6: open the backend as an administrator, go to Site Management -> Sites. Edit one of the existing sites.
In the tab "General", locate the input "Entry Point" at the bottom.
Enter invalid values such as:

- /1/2/3/4/////// (accepted by TYPO3 - not an error as such)
- // (results in a 503 error: The parsedUri "//" appears to be malformed)

The second example requires a manual edit of the config.yaml file and deletion of the content of directories var/cache/*.
Other invalid values are probably also possible (untested).

Actions #1

Updated by Georg Ringer over 2 years ago

  • Status changed from New to Accepted
Actions

Also available in: Atom PDF