View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0007802 | OXID eShop (all versions) | 1.04. Content, static (register, contact etc.) pages | public | 2025-06-13 10:36 | 2025-06-24 13:48 |
| Reporter | suabo | Assigned To | |||
| Priority | normal | Severity | feature | Reproducibility | always |
| Status | confirmed | Resolution | open | ||
| Summary | 0007802: Content page allows page number parameter in SEO-URL | ||||
| Description | There is a major Problem in the Frontend-Controller since it contains the logic to add a page number to a url. This should only be used for article lists. Because of that fact you can reach every content page with any random number after it. For example: https://demoshop.oxid-esales.com/Impressum/123/ This shouldn't be possible, even if the page shows a robot tag to not index it's not ideal. I looked up the logic for the lists view and there is a validation of the page to display and also an redirect if the page doesn't exist. For example: https://demoshop.oxid-esales.com/Autos/123/ will redirect you to: https://demoshop.oxid-esales.com/Autos/ Since there is no default pagination and list view of content in OXID there shouldn't be page numbers allowed in content SEO-URLs. | ||||
| Tags | No tags attached. | ||||
| Theme | All | ||||
| Browser | Not defined | ||||
| PHP Version | Not defined | ||||
| Database Version | Not defined | ||||
|
|
Dear Suabo, thank you for reporting this issue. To my knowlegde you can always reach every content pages. Private Sales enabled this is also true. There is no additional problem if you append a number aka pagination. If you have a scenario where this is different, please provide feedback per E-mail to [email protected] referencing this issue. Also please provide feedback of a scenario where pagination for content page is a issue with impact. At the moment i would acknowledge this issue, but missing impact, only with low priority. Best Regards QA -SG- |
|
|
For list pages like the article list there is a condition checking for a valid page number and redirecting to the first one if it is not valid. This should also be done for content pages. Maybe just show a 404 error in that case. It would make more sense to move the pagination handling to a list view controller instead of the general frontend controller. This way you don't need to provide this functionality to all modules with custom views without a pagination. You should introduce a list controller between the frontend controller and the article list controller, which can be extended by modules to gain the pagination feature to make the structure more clean and reduce overhead in modules. Sistrix and Google Search Console are showing this URLs to fix. Seems like they check for working paginations, because the URLs showing are not provided anywhere. |
|
|
The contact page is also working with any number after the "/" in URL like https://demoshop.oxid-esales.com/Kontakt/420/ |
