[BUGFIX] Allow non-valid absolute paths for createVersionNumberFileName

With the fix of using versioned numbered filenames for the TYPO3 Backend, a use-case "absolutely referenced, but relative to public path file" did break for Frontend inclusions of CSS or JS files. This is now overcome by only using the original bugfix in the TYPO3 Backend. Resolves: #98106 Related: #97939 Releases: main, 11.5, 10.4 Change-Id: Iff6251bd95e1c0a93a6f5538b9f560e55ba80b0c Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/75412 Tested-by: core-ci <typo3@b13.com> Tested-by: Oliver Bartsch <bo@cedev.de> Tested-by: Stefan Bürk <stefan@buerk.tech> Tested-by: Benni Mack <benni@typo3.org> Reviewed-by: Oliver Bartsch <bo@cedev.de> Reviewed-by: Stefan Bürk <stefan@buerk.tech> Reviewed-by: Benni Mack <benni@typo3.org>
TYPO3 · Aug 10, 2022 · e30a9e9 · e30a9e9
1 parent 54d158f
commit e30a9e9
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 4 deletions.
diff --git a/typo3/sysext/core/Classes/Utility/GeneralUtility.php b/typo3/sysext/core/Classes/Utility/GeneralUtility.php
@@ -2123,17 +2123,24 @@ public static function getBytesFromSizeMeasurement($measurement)
      */
     public static function createVersionNumberedFilename($file)
     {
+        $isFrontend = ($GLOBALS['TYPO3_REQUEST'] ?? null) instanceof ServerRequestInterface
+            && ApplicationType::fromRequest($GLOBALS['TYPO3_REQUEST'])->isFrontend();
         $lookupFile = explode('?', $file);
         $path = $lookupFile[0];
-        if (!PathUtility::isAbsolutePath($path)) {
+
+        // @todo: in v12 this should be resolved by using Environment::getPublicPath() once
+        if ($isFrontend) {
+            // Frontend should still allow /static/myfile.css - see #98106
+            // This should happen regardless of the incoming path is absolute or not
+            $path = self::resolveBackPath(self::dirname(Environment::getCurrentScript()) . '/' . $path);
+        } elseif (!PathUtility::isAbsolutePath($path)) {
+            // Backend and non-absolute path
             $path = self::resolveBackPath(self::dirname(Environment::getCurrentScript()) . '/' . $path);
         }
 
         $doNothing = false;
 
-        if (($GLOBALS['TYPO3_REQUEST'] ?? null) instanceof ServerRequestInterface
-            && ApplicationType::fromRequest($GLOBALS['TYPO3_REQUEST'])->isFrontend()
-        ) {
+        if ($isFrontend) {
             $mode = strtolower($GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename']);
             if ($mode === 'embed') {
                 $mode = true;

diff --git a/typo3/sysext/core/Tests/Unit/Utility/GeneralUtilityTest.php b/typo3/sysext/core/Tests/Unit/Utility/GeneralUtilityTest.php
@@ -24,6 +24,8 @@
 use TYPO3\CMS\Core\Cache\CacheManager;
 use TYPO3\CMS\Core\Cache\Frontend\FrontendInterface;
 use TYPO3\CMS\Core\Core\Environment;
+use TYPO3\CMS\Core\Core\SystemEnvironmentBuilder;
+use TYPO3\CMS\Core\Http\ServerRequest;
 use TYPO3\CMS\Core\Package\Package;
 use TYPO3\CMS\Core\Package\PackageManager;
 use TYPO3\CMS\Core\SingletonInterface;
@@ -39,6 +41,7 @@
 use TYPO3\CMS\Core\Tests\Unit\Utility\Fixtures\TwoParametersConstructorFixture;
 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Core\Utility\PathUtility;
 use TYPO3\CMS\Core\Utility\StringUtility;
 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
 
@@ -4124,4 +4127,42 @@ public function createVersionNumberedFilenameDoesNotResolveBackpathForAbsolutePa
 
         self::assertMatchesRegularExpression('/^.*\/tests\/' . $uniqueFilename . '\.[0-9]+\.css/', $versionedFilename);
     }
+
+    /**
+     * @test
+     */
+    public function createVersionNumberedFilenameKeepsInvalidAbsolutePathInFrontendAndAddsQueryString(): void
+    {
+        Environment::initialize(
+            Environment::getContext(),
+            true,
+            false,
+            Environment::getProjectPath(),
+            Environment::getPublicPath(),
+            Environment::getVarPath(),
+            Environment::getConfigPath(),
+            Environment::getPublicPath() . '/index.php',
+            Environment::isWindows() ? 'WINDOWS' : 'UNIX'
+        );
+        $request = new ServerRequest('https://www.example.com', 'GET');
+        $GLOBALS['TYPO3_REQUEST'] = $request->withAttribute('applicationType', SystemEnvironmentBuilder::REQUESTTYPE_FE);
+        $uniqueFilename = StringUtility::getUniqueId('main_');
+        $testFileDirectory = Environment::getPublicPath() . '/static/';
+        $testFilepath = $testFileDirectory . $uniqueFilename . '.css';
+        GeneralUtility::mkdir_deep($testFileDirectory);
+        touch($testFilepath);
+
+        $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename'] = 'querystring';
+        $incomingFileName = '/' . PathUtility::stripPathSitePrefix($testFilepath);
+        $versionedFilename = GeneralUtility::createVersionNumberedFilename($incomingFileName);
+        self::assertStringContainsString('.css?', $versionedFilename);
+        self::assertStringStartsWith('/static/main_', $versionedFilename);
+
+        $incomingFileName = PathUtility::stripPathSitePrefix($testFilepath);
+        $versionedFilename = GeneralUtility::createVersionNumberedFilename($incomingFileName);
+        self::assertStringContainsString('.css?', $versionedFilename);
+        self::assertStringStartsWith('static/main_', $versionedFilename);
+
+        GeneralUtility::rmdir($testFileDirectory, true);
+    }
 }