How to avoid cache-pollution with TYPO3

by Hendrik Will. 1 Comment

Did you ever wonder about URLs containing parameters like this: domain.tld/page.html&L=1print=1print=1print=1print= and so on. It would also be possible to abuse it for spam like this: domain.tld/page.html&L=1_buy-viagra-at_www.viagra-spam.url

You can avoid this cache-pollution by specifying a range of valid values for your linkVars configuration. You can append the values in round brackets to your L-params. It’s also possible to use regular expressions here.

Example:

config {
linkVars = L(1-5), print(1)
}

Otherwise it can happen that TYPO3 puts malformed URLs in your cache and your clients will get mad.
You can find more examples in TSref at typo3.org.

One Response to How to avoid cache-pollution with TYPO3

  1. Michael Canno says:

    Hendrik,

    Thanks for the simple tip reminder here. It should be further cleared up that the linkVars property is used to limit or prevent what URLs will be generated. This is how the bad variables can be prevented and link injection prevented.

    Basically, by only saying `linkVars = print`, it still allows `?print=1234_I’mabadguy`, but that `linkVars = print(1}` only allows `?print=1`.

    Therefore, through this process you attempt to prevent bad URLs being generated.

    Ciao!

    Michael

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>