From 44bb64fdfeec29c29b84afeeb7e9aee307677ba9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stephan=20Gro=C3=9Fberndt?= <stephan@grossberndt.de>
Date: Fri, 8 Dec 2017 12:16:16 +0100
Subject: [PATCH] [BUGFIX] Access Close.html from Resources/Public/Html/

Clicking the close button in a editing popup accesses Close.html in
Resources/Public/Html/ which is a folder accessible by a web user
instead of Resources/Private/Templates/ which lead to a HTTP 403 error
on closing the popup.

Releases: master, 8.7, 7.6
Resolves: #83258
Related: #68108
Change-Id: Ibe7e328936240df436a3c9585e53122f1577dc6e
Reviewed-on: https://review.typo3.org/54983
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
Tested-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
---
 Classes/FrontendEditPanel.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Classes/FrontendEditPanel.php b/Classes/FrontendEditPanel.php
index 011873e..fcc311b 100644
--- a/Classes/FrontendEditPanel.php
+++ b/Classes/FrontendEditPanel.php
@@ -299,7 +299,7 @@ class FrontendEditPanel
     {
         $width = MathUtility::forceIntegerInRange($this->backendUser->getTSConfigVal('options.feedit.popupWidth'), 690, 5000, 690);
         $height = MathUtility::forceIntegerInRange($this->backendUser->getTSConfigVal('options.feedit.popupHeight'), 500, 5000, 500);
-        $onclick = 'vHWin=window.open(' . GeneralUtility::quoteJSvalue($url . '&returnUrl=' . rawurlencode(PathUtility::getAbsoluteWebPath(GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Private/Templates/Close.html')))) . ',\'FEquickEditWindow\',\'width=' . $width . ',height=' . $height . ',status=0,menubar=0,scrollbars=1,resizable=1\');vHWin.focus();return false;';
+        $onclick = 'vHWin=window.open(' . GeneralUtility::quoteJSvalue($url . '&returnUrl=' . rawurlencode(PathUtility::getAbsoluteWebPath(GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Public/Html/Close.html')))) . ',\'FEquickEditWindow\',\'width=' . $width . ',height=' . $height . ',status=0,menubar=0,scrollbars=1,resizable=1\');vHWin.focus();return false;';
         return '<a href="#" class="typo3-editPanel-btn typo3-editPanel-btn-default frontEndEditIconLinks ' . htmlspecialchars($additionalClasses) . '" onclick="' . htmlspecialchars($onclick) . '" style="display: none;">' . $string . '</a>';
     }