
Commit ece0824

[SECURITY] Enforce HTTP method assertions for backend modules
Resolves: #104456 Releases: main, 13.4, 12.4 Change-Id: Ic679584a343b6d35e81325a03148b0cff81f1d27 Security-Bulletin: TYPO3-CORE-SA-2025-003 Security-Bulletin: TYPO3-CORE-SA-2025-004 Security-Bulletin: TYPO3-CORE-SA-2025-005 Security-Bulletin: TYPO3-CORE-SA-2025-006 Security-Bulletin: TYPO3-CORE-SA-2025-007 Security-Bulletin: TYPO3-CORE-SA-2025-008 Security-References: CVE-2024-55893 Security-References: CVE-2024-55894 Security-References: CVE-2024-55920 Security-References: CVE-2024-55921 Security-References: CVE-2024-55922 Security-References: CVE-2024-55923 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/87744 Tested-by: Oliver Hader <oliver.hader@typo3.org> Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
1 parent 35ffb09 commit ece0824


2 files changed

+14
-4
lines changed

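--- a/Classes/Controller/BackendLogController.php
+++ b/Classes/Controller/BackendLogController.php
@@ -25,6 +25,7 @@
 use TYPO3\CMS\Belog\Domain\Repository\LogEntryRepository;
 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
 use TYPO3\CMS\Core\Database\ConnectionPool;
+use TYPO3\CMS\Core\Http\AllowedMethodsTrait;
 use TYPO3\CMS\Core\Type\Bitmask\Permission;
 use TYPO3\CMS\Core\Type\ContextualFeedbackSeverity;
 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
@@ -39,6 +40,8 @@
 */
 class BackendLogController extends ActionController
 {
+use AllowedMethodsTrait;
+
 public function __construct(
 protected readonly ModuleTemplateFactory $moduleTemplateFactory,
 protected readonly LogEntryRepository $logEntryRepository,
@@ -124,6 +127,11 @@ public function listAction(?Constraint $constraint = null, string $operation = '
 ->renderResponse('BackendLog/List');
 }
 
+public function initializeDeleteMessageAction(): void
+{
+$this->assertAllowedHttpMethod($this->request, 'POST');
+}
+
 /**
 * Delete all log entries that share the same message with the log entry given
 * in $errorUid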
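Review bot: `initializeDeleteMessageAction` carries no docblock, and nothing in the hunk says why it exists or what happens when the assertion fails; because Extbase only wires it to `deleteMessageAction` by naming convention, a reader can miss that this method is the HTTP-method guard for the delete action. A docblock such as `/** Called by Extbase before deleteMessageAction(). Rejects any request that is not a POST, so the delete can no longer be triggered through a plain link or a crafted GET. */` would make the intent explicit. The failure mode is worth stating there as well — the trait presumably throws and the request ends with a "method not allowed" style response instead of reaching the action, but that should be confirmed against `AllowedMethodsTrait`. `deleteMessageAction` itself, which consumes `$errorUid`, lies outside the hunk.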

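--- a/Resources/Private/Partials/Content/LogEntries.html
+++ b/Resources/Private/Partials/Content/LogEntries.html
@@ -96,16 +96,16 @@ <h3>
 </td>
 <td class="col-control">
 <f:if condition="{logItem.error} == 1">
-<f:link.action action="deleteMessage" arguments="{errorUid:logItem.uid}" class="btn btn-sm btn-warning">
+<f:form.button class="btn btn-sm btn-warning" form="form-delete-message" type="submit" name="errorUid" value="{logItem.uid}">
 <core:icon identifier="actions-delete" size="small"/>
 <f:translate key="actions.deleteWarnings"/>
-</f:link.action>
+</f:form.button>
 </f:if>
 <f:if condition="{logItem.error} == 2">
-<f:link.action action="deleteMessage" arguments="{errorUid:logItem.uid}" class="btn btn-sm btn-danger">
+<f:form.button class="btn btn-sm btn-danger" form="form-delete-message" type="submit" name="errorUid" value="{logItem.uid}">
 <core:icon identifier="actions-delete" size="small"/>
 <f:translate key="actions.delete"/>
-</f:link.action>
+</f:form.button>
 </f:if>
 <f:if condition="{logItem.logData.history}">
 <a class="btn btn-sm btn-default" href="{be:moduleLink(route: 'record_history', arguments: '{historyEntry: logItem.logData.history}')}" title="{f:translate(key: 'showHistory')}">
@@ -121,6 +121,8 @@ <h3>
 </div>
 </f:for>
 </f:for>
+
+<f:form action="deleteMessage" id="form-delete-message" method="post" class="hidden"/>
 </f:then>
 <f:else>
 <f:be.infobox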
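Review bot: The hidden `<f:form>` added at the end of the `<f:then>` branch carries no comment linking it to the two `f:form.button` tags above, so the reason it exists, why the buttons reference it through `form="form-delete-message"`, and why it must stay `method="post"` is only discoverable by searching for the id. A Fluid comment directly above it, `<f:comment>Submit target for the delete buttons in the list above; deleteMessage accepts POST only</f:comment>`, would keep a later edit from turning the buttons back into GET links. Both buttons now send the uid as a request-body field rather than a URL argument, and they sit outside the form tag, so it is worth confirming that `deleteMessageAction` (not in this diff) still receives `$errorUid` under that field name. The enclosing `<f:if>`/`<f:then>` structure starts before the first hunk.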
