UrlLinkHandler.php

Go to the documentation of this file.

<?php
 
/*
 * This file is part of the TYPO3 CMS project.
 *
 * It is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License, either version 2
 * of the License, or any later version.
 *
 * For the full copyright and license information, please read the
 * LICENSE.txt file that was distributed with this source code.
 *
 * The TYPO3 project - inspiring people to share!
 */
 
namespace ‪TYPO3\CMS\Core\LinkHandling;
 
class ‪UrlLinkHandler implements ‪LinkHandlingInterface
{
    public function ‪asString(array $parameters): string
    {
        return $this->‪addHttpSchemeAsFallback($parameters['url']);
    }
 
    public function ‪resolveHandlerData(array $data): array
    {
        return ['url' => $this->‪addHttpSchemeAsFallback($data['url'])];
    }
 
    protected function ‪addHttpSchemeAsFallback(string ‪$url): string
    {
        if (!empty(‪$url)) {
            // We expect this an absolute path, and leave as is. We also leave double slashes ('//') as is.
            if (str_starts_with(‪$url, '/')) {
                return ‪$url;
            }
            $scheme = parse_url(‪$url, PHP_URL_SCHEME);
            if (empty($scheme)) {
                ‪$url = ‪self::getDefaultScheme() . '://' . ‪$url;
            } elseif (in_array(strtolower($scheme), ['javascript', 'data'], true)) {
                // deny using insecure scheme's like `javascript:` or `data:` as URL scheme
                ‪$url = '';
            }
        }
        return ‪$url;
    }
 
    public static function ‪getDefaultScheme(): string
    {
        return (‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['defaultScheme'] ?? '')
            ?: ‪LinkHandlingInterface::DEFAULT_SCHEME;
    }
}