Skip to content

Instantly share code, notes, and snippets.

@pgampe
Created June 30, 2012 12:01
Show Gist options
  • Save pgampe/3023546 to your computer and use it in GitHub Desktop.
Save pgampe/3023546 to your computer and use it in GitHub Desktop.
Show TYPO3 Typoscript security problem with insertData = 1
page >
page = PAGE
page.10 = COA_INT
page.10 {
10 = HMENU
10 {
special = directory
# a menu root page
special.value = 105
1 = TMENU
1 {
wrap = <ul>|</ul>
NO = 1
NO {
wrapItemAndSub = <li>{field:uid} |</li>
wrapItemAndSub.insertData = 1
# the PHP code for WrapItemAndSub is very strange and renders the wrap outside of the content, just
# to apply a wrap later on
# use this to show that this is indeed dangerous
stdWrap.insertData = 1
}
}
}
20 = TEXT
20.value = <p> and now with dataWrap </p>
30 = HMENU
30 {
special = directory
# a menu root page
special.value = 105
1 = TMENU
1 {
wrap = <ul>|</ul>
NO = 1
NO {
# the next line is only needed as bugfix
wrapItemAndSub = |
wrapItemAndSub.dataWrap = <li>{field:uid} |</li>
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment