Changed regex handling and default (random) additional_secret_key cha…

…nged
TYPO3-extensions · Mar 5, 2015 · a7e5c16 · a7e5c16
1 parent 77b78c8
commit a7e5c16
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 3 deletions.
diff --git a/Classes/Parser/HtmlParser.php b/Classes/Parser/HtmlParser.php
@@ -99,6 +99,9 @@ public function __construct(HtmlParserDelegateInterface $delegate, array $settin
 				$this->$setterMethodName($setting);
 			}
 		}
+		if (substr($this->fileExtensionPattern,0,1) !== '\\') {
+			$this->fileExtensionPattern = '\\.(' . $this->fileExtensionPattern . ')';
+		}
 	}
 
 	/**

diff --git a/Classes/Request/RequestContext.php b/Classes/Request/RequestContext.php
@@ -85,6 +85,7 @@ public function __construct() {
 		} else {
 			throw new \LogicException('Unknown Context.', 1377180593);
 		}
+
 	}
 
 	/**
@@ -174,6 +175,8 @@ protected function initializeFrontendContext() {
 				$this->additionalSecret = GeneralUtility::getRandomHexString(64);
 				$typoScriptFrontendController->config['tx_securedownload.']['additionalSecret'] = $this->additionalSecret;
 			}
+		} else {
+			$this->additionalSecret = $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'];
 		}
 		if (
 			isset($typoScriptFrontendController->config['config']['tx_nawsecuredl_enable'])

diff --git a/Classes/Resource/Publishing/PhpDeliveryProtectedResourcePublishingTarget.php b/Classes/Resource/Publishing/PhpDeliveryProtectedResourcePublishingTarget.php
@@ -116,7 +116,12 @@ protected function calculateLinkLifetime() {
 	protected function isPubliclyAvailable(ResourceInterface $resource) {
 		$resourceUri = $this->getResourceUri($resource);
 		$securedFoldersExpression = $this->configurationManager->getValue('securedDirs');
-		$fileExtensionExpression = $this->configurationManager->getValue('filetype');
+		if (substr($this->configurationManager->getValue('filetype'),0,1) === '\\') {
+			$fileExtensionExpression = $this->configurationManager->getValue('filetype');
+		} else {
+			$fileExtensionExpression = '\\.(' . $this->configurationManager->getValue('filetype') . ')';
+		}
+
 		// TODO: maybe check if the resource is available without authentication by doing a head request
 		return !(preg_match('/(('. HtmlParser::softQuoteExpression($securedFoldersExpression) . ')+?\/.*?(?:(?i)' . ($fileExtensionExpression) . '))/i', $resourceUri, $matchedUrls)
 			&& is_array($matchedUrls)

diff --git a/ext_conf_template.txt b/ext_conf_template.txt
@@ -3,7 +3,7 @@
 securedDirs = typo3temp|fileadmin|uploads
 
 # cat=basic/parsing; type=string; label=File Type Pattern: A file type pattern for files that should be secured. Multiple file type patterns can be separated by a pipe.
-filetype = \.(pdf|jpe?g|gif|png|odt|pptx?|docx?|xlsx?|zip|rar|tgz|tar|gz)
+filetype = pdf|jpe?g|gif|png|odt|pptx?|docx?|xlsx?|zip|rar|tgz|tar|gz
 
 # cat=basic/parsing; type=string; label=Domain: A domain prefix before the securedDirs part (e.g. http://www.host.com/). Not needed for internal (relative) links.
 domain = http://mydomain.com/|http://my.other.domain.org/
@@ -35,7 +35,7 @@ apacheDelivery = 0
 forcedownload = 0
 
 # cat=filedelivery; type=string; label=forcedownloadtype:a list of filetypes that should not be opened inline in a browser, seperated by a pipe. Only used if forcedownload is true
-forcedownloadtype = \.(odt|pptx?|docx?|xlsx?|zip|rar|tgz|tar|gz)
+forcedownloadtype = odt|pptx?|docx?|xlsx?|zip|rar|tgz|tar|gz
 
 # cat=filedelivery; type=string; label=additionalMimeTypes: Comma separated list of additional MIME types (file extension / mime type pairs, in which file extension and MIME type is separated by a pipe symbol). Can be used to override existing MIME type settings of the extension as well.
 additionalMimeTypes = txt|text/plain,html|text/html
-Original file line number
+Diff line change
@@ Expand Up @@
     				$this->$setterMethodName($setting);
     			}
     		}
+    		if (substr($this->fileExtensionPattern,0,1) !== '\\') {
+    			$this->fileExtensionPattern = '\\.(' . $this->fileExtensionPattern . ')';
+    		}
     	}
     	/**
@@ Expand Down @@