feat: CSP handling via extension

Classes/Cache/Listener/NoNoCacheListener.php → Classes/Cache/Listener/CachingAllowedListener.php

@@ -8,20 +8,20 @@
 use TYPO3\CMS\Core\Information\Typo3Version;
 use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController;
 
-/**
- * No no_cache.
- */
-class NoNoCacheListener
+class CachingAllowedListener
 {
     public function __construct(private readonly Typo3Version $typo3Version) {}
-    /**
-     * No no_cache.
-     */
+
     public function __invoke(CacheRuleEvent $event): void
     {
         if ($this->typo3Version->getMajorVersion() >= 13) {
+            if (!$event->getRequest()->getAttribute('frontend.cache.instruction')->isCachingAllowed()) {
+                $event->addExplanation(__CLASS__, 'No caching via frontend.cache.instruction attribute');
+            }
             return;
         }
+
+        // v12
         $tsfe = $GLOBALS['TSFE'] ?? null;
         /* @phpstan-ignore-next-line */
         if ($tsfe instanceof TypoScriptFrontendController && $tsfe->no_cache) {

Classes/Cache/Listener/NoIntScriptsListener.php

@@ -5,21 +5,24 @@
 namespace SFC\Staticfilecache\Cache\Listener;
 
 use SFC\Staticfilecache\Event\CacheRuleEvent;
+use SFC\Staticfilecache\Service\ConfigurationService;
 use TYPO3\CMS\Frontend\Cache\NonceValueSubstitution;
 use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController;
 
 class NoIntScriptsListener
 {
+    public function __construct(protected readonly ConfigurationService $configurationService) {}
+
     public function __invoke(CacheRuleEvent $event): void
     {
         $tsfe = $GLOBALS['TSFE'] ?? null;
         if ($tsfe instanceof TypoScriptFrontendController && $tsfe->isINTincScript()) {
             foreach ((array) $tsfe->config['INTincScript'] as $key => $configuration) {
 
-                // Check CSP Handling
-                // if (isset($configuration['target']) && $configuration['target'] === NonceValueSubstitution::class . '->substituteNonce') {
-                //     continue;
-                // }
+                $cspGenerationOverride = (bool) $this->configurationService->get('cspGenerationOverride');
+                if ($cspGenerationOverride && isset($configuration['target']) && $configuration['target'] === NonceValueSubstitution::class . '->substituteNonce') {
+                    continue;
+                }
 
                 $event->addExplanation(__CLASS__ . ':' . $key, 'The page has a INTincScript: ' . implode(', ', $this->getInformation($configuration)));
             }

Classes/Cache/Listener/NoUserOrGroupSetListener.php

@@ -6,40 +6,18 @@
 
 use SFC\Staticfilecache\Event\CacheRuleEvent;
 use TYPO3\CMS\Core\Context\Context;
-use TYPO3\CMS\Core\Context\Exception\AspectNotFoundException;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
-use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController;
 
 class NoUserOrGroupSetListener
 {
     /**
      * Check if no user or group is set.
      */
     public function __invoke(CacheRuleEvent $event): void
-    {
-        if ($this->isUserOrGroupSet()) {
-            $event->addExplanation(__CLASS__, 'User or group are set');
-        }
-    }
-
-    /**
-     * Fix this bug: https://forge.typo3.org/issues/83212.
-     *
-     * @see TypoScriptFrontendController::isUserOrGroupSet
-     *
-     * @return bool TRUE if either a login user is found (array fe_user->user and valid id) OR if the gr_list is set to something else than '0,-1' (could be done even without a user being logged in!)
-     */
-    public function isUserOrGroupSet()
     {
         $context = GeneralUtility::makeInstance(Context::class);
-
-        try {
-            $userIsLoggedIn = (bool) $context->getPropertyFromAspect('frontend.user', 'isLoggedIn');
-            $groupIds = (array) $context->getPropertyFromAspect('frontend.user', 'groupIds');
-        } catch (AspectNotFoundException $e) {
-            return false;
+        if ($context->getAspect('frontend.user')->isUserOrGroupSet()) {
+            $event->addExplanation(__CLASS__, 'User or group are set');
         }
-
-        return $userIsLoggedIn || [0, -1] !== $groupIds;
     }
 }

Configuration/Services.yaml

@@ -84,12 +84,6 @@ services:
         identifier: 'ForceStaticCacheListener'
         event: SFC\Staticfilecache\Event\CacheRuleEvent
 
-  SFC\Staticfilecache\Cache\Listener\StaticCacheableListener:
-    tags:
-      - name: event.listener
-        identifier: 'StaticCacheableListener'
-        event: SFC\Staticfilecache\Event\CacheRuleEvent
-
   SFC\Staticfilecache\Cache\Listener\NoBackendUserListener:
     tags:
       - name: event.listener
@@ -120,10 +114,10 @@ services:
         identifier: 'NoIntScriptsListener'
         event: SFC\Staticfilecache\Event\CacheRuleEvent
 
-  SFC\Staticfilecache\Cache\Listener\NoNoCacheListener:
+  SFC\Staticfilecache\Cache\Listener\CachingAllowedListener:
     tags:
       - name: event.listener
-        identifier: 'NoNoCacheListener'
+        identifier: 'CachingAllowedListener'
         event: SFC\Staticfilecache\Event\CacheRuleEvent
 
   SFC\Staticfilecache\Cache\Listener\NoUserOrGroupSetListener:

composer.json

@@ -81,12 +81,9 @@
 			"PHP_CS_FIXER_IGNORE_ENV=1 php-cs-fixer fix --config Resources/Private/Build/PhpCsFixer.php --cache-file=.Build/phpcs.cache --dry-run",
 			"phpstan --memory-limit=1024M"
 		],
-		"test": [
+		"code-test": [
 			"phpunit -c Tests/UnitTests.xml"
 		],
-		"phpstan": [
-			"phpstan --memory-limit=1024M"
-		],
 		"rector": [
 			"rector"
 		]

ext_conf_template.txt

@@ -28,6 +28,9 @@ renameTablesToOtherPrefix = 0
 # cat=basic; type=boolean; label=Large identifier in cache table: Increase the identifier field in the Cache table (used for the URI) from 500 to 10.000
 largeIdentifierInCacheTable = 0
 
+# cat=basic; type=boolean; label=CSP Generation Override: Generate the StaticFileCache even there is one _INT scripts that are related to the nonce replacement. This is possible, because the file is completely static and the hader is also stored. If there are other _INT scripts, the page is still no chached.
+cspGenerationOverride = 0
+
 # cat=basic; type=boolean; label=Use reverse URI length in priority: Add "1000-URILENGTH" to the priority so the home page is much more important than deeplinks
 useReverseUriLengthInPriority = 1