[BUG] Missing NULL handling in pageSelectAction in NavigationController.php #1570
Description
Description
The pageSelectAction in the NavigationController.php provides a default of NULL when no paramters are sent, but this case does not get handled which results in an error like:
Core: Exception handler (WEB): Uncaught TYPO3 Exception: #1257246929: Tried resolving a template file for controller action "Navigation->pageSelect" in format ".html", but none of the paths contained the expected template file (Navigation/PageSelect.html). The following paths were checked: [REDACTED]/typo3conf/ext/dlf/Resources/Private/Templates/, [REDACTED]/typo3conf/ext/presentation_package/Resources/Private/Plugins/Templates/ | TYPO3Fluid\Fluid\View\Exception\InvalidTemplateResourceException thrown in file [REDACTED]/vendor/typo3fluid/fluid/src/View/TemplatePaths.php in line 617. Requested URL: https://digitalisate.sub.uni-hamburg.de/recherche/detail?tx_dlf%5Bdouble%5D=0&tx_dlf%5Bid%5D=5120&tx_dlf%5Bpagegrid%5D=0&tx_dlf_navigation%5Baction%5D=pageSelect&tx_dlf_navigation%5Bcontroller%5D=Navigation&cHash=779941a69f26b2799c1404dcd74eced2
While normal user actions do submit the formdata (via POST) when selecting a value from the dropdown-menu, this is not the case for (naughty) crawlers that simply follow the URL (parameterless GET-Request) of the formdata, even when nofollow rules are in place. In our case this was observable for activities of the BingBot, which results in massive error-logging in the backend. I have adapted our robots.txt to disallow paths that contain pageSelect, but cant check yet if it actually will obey this rule. While blocking bingbot might be the last resort, its rather undesired.
Maybe the underlying issue is not distinguishing between GET and POST requests ?? , but as for this issue its the manifestation as error messages when no formdata was provided.
Reproduction
Steps to reproduce the behaviour:
- extract the URL provided in the
actionparameter from thepageSelectFormand call it for your host - you should run into a 503 error with the above error message
- the bad request has been logged in the typo3 backend
Expected Behavior
Calling the URL of the action of the pageSelectForm should be handled in a way, that it does not result in a 503 error. Instead it could be simply aborted or at least result in a 404.