ModifyRedirectUrlValidationResultEvent¶

New in version 13.2

With this event developers have the possibility to modify the validation results for the redirect URL, allowing redirects to URLs not matching the existing validation constraints.

The PSR-14 event \TYPO3\CMS\FrontendLogin\Event\ModifyRedirectUrlValidationResultEvent provides developers with the possibility and flexibility to implement custom validation for the redirect URL in the frontend login.

This may be useful, if TYPO3 frontend login acts as an SSO system, or if users should be redirected to an external URL after login.

Example: Validate that the redirect after frontend login goes to a trusted domain¶

EXT:my_extension/Classes/EventListeners/ValidateRedirectUrl.php

<?php

declare(strict_types=1);

namespace MyVendor\MyExtension\EventListener;

use TYPO3\CMS\Core\Attribute\AsEventListener;
use TYPO3\CMS\FrontendLogin\Event\ModifyRedirectUrlValidationResultEvent;

final readonly class ValidateRedirectUrl
{
    private const TRUSTED_HOST_FOR_REDIRECT = 'example.org';

    #[AsEventListener(
        identifier: 'validate-custom-redirect-url',
    )]
    public function __invoke(ModifyRedirectUrlValidationResultEvent $event): void
    {
        $parsedUrl = parse_url($event->getRedirectUrl());
        if ($parsedUrl['host'] === self::TRUSTED_HOST_FOR_REDIRECT) {
            $event->setValidationResult(true);
        }
    }
}

New in version 13.0

The PHP attribute \TYPO3\CMS\Core\Attribute\AsEventListener has been introduced to tag a PHP class as an event listener. Alternatively, or if you need to be compatible with older TYPO3 versions, you can also register an event listener via the Configuration/Services.yaml file. Switch to an older version of this page for an example or have a look at the section Implementing an event listener in your extension.

API¶

class ModifyRedirectUrlValidationResultEvent ¶

Fully qualified name: \TYPO3\CMS\FrontendLogin\Event\ModifyRedirectUrlValidationResultEvent

Allows to modify the result of the redirect URL validation (e.g. allow redirect to specific external URLs).

getRedirectUrl ( ) ¶

Returns: string

getValidationResult ( ) ¶

Returns: bool

setValidationResult ( bool $validationResult) ¶

param $validationResult: the validationResult

getRequest ( ) ¶

Returns: PsrHttpMessageServerRequestInterface