Feature: #84545 - Allow temporary files to be stored outside the document root¶
See forge#84545
Description¶
The environment variable called TYPO3_PATH_APP
, which was previously introduced with the Environment API, is now used
to allow to store data outside of the document root.
All regular composer-based installations now benefit from this functionality directly, as data which was previously
stored and hard-coded within typo3temp/var/
is now stored within the project root folder var/
.
For non-composer installations, it is possible to set the environment variable to a folder usually one level upwards than the regular web root. This increases security for any TYPO3 installation as files are not publicly accessible (for example via web browser) anymore.
A typical example:
TYPO3_PATH_APP
is set to/var/www/my-project
.The web folder is then set to
TYPO3_PATH_ROOT
/var/www/my-project/public
.
Non-public files are then put to
/var/www/my-project/var/session
(like Maintenance Tool Session files)/var/www/my-project/var/cache
(Caching Framework data)/var/www/my-project/var/lock
(Files related to locking)/var/www/my-project/var/log
(Files related to logging)/var/www/my-project/var/extensionmanager
(Files related to extension manager data)/var/www/my-project/var/transient
(Files related to import/export, core updater, FAL)
If the option is not set, the typo3temp/var/
folder is still used, but with some minor differences
regarding the naming scheme of the folders.
Impact¶
For installations having the environment variable set, the folder is now not within typo3temp/var/
anymore
but outside of the document root in a folder called var/
.
For installations without this setting in use, there are minor differences in the folder structure:
typo3temp/var/cache
is now used instead oftypo3temp/var/Cache
typo3temp/var/log
is now used instead oftypo3temp/var/logs
typo3temp/var/lock
is now used instead oftypo3temp/var/locks
typo3temp/var/session
is now used instead oftypo3temp/var/InstallToolSessions
typo3temp/var/extensionmanager
is now used instead oftypo3temp/var/ExtensionManager
Although it is a most common understanding in the TYPO3 world that typo3temp/
can be removed at any time,
it is considered bad practice to remove the whole folder. Only folders relevant for the current development
changes should selectively be removed.