Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-29619

Resource URL should be properly filtered before generating output

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 2.0.5, 2.1.2, 2.2
    • Fix Version/s: 2.0.6, 2.1.3
    • Component/s: Resource
    • Labels:
    • Testing Instructions:
      Hide

      1. Add few URL resource to a page
      2. Edit the filed "externalurl" in the table "url" directly from database to contain some invalid urls (for example:- hxxp://something) and/or empty strings.
      3. Try to access those urls from the course page and make sure they generate errors!
      4. Make sure valid urls are displayed normally and there is no regressions.

      Show
      1. Add few URL resource to a page 2. Edit the filed "externalurl" in the table "url" directly from database to contain some invalid urls (for example:- hxxp://something) and/or empty strings. 3. Try to access those urls from the course page and make sure they generate errors! 4. Make sure valid urls are displayed normally and there is no regressions.
    • Affected Branches:
      MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_20_STABLE, MOODLE_21_STABLE
    • Pull Master Branch:
      MDL-29619-master

      Description

      Due to the issues as reported in MDL-28483, we might have resource urls with empty and invalid URL in the database.
      When displaying output, this data should be properly filtered and an error must be generated if the URL is invalid or empty.
      At present it simply displays the output page, even if there is an empty url associated with it.

        Gliffy Diagrams

        1. url1.PNG
          24 kB
        2. url2.PNG
          24 kB

          Issue Links

            Activity

            Hide
            rwijaya Rossiani Wijaya added a comment -

            This looks good Ankit.

            Show
            rwijaya Rossiani Wijaya added a comment - This looks good Ankit.
            Hide
            ankit_frenz Ankit Agarwal added a comment -

            Thanks Rosie for the review!
            Up for integration!
            Thanks

            Show
            ankit_frenz Ankit Agarwal added a comment - Thanks Rosie for the review! Up for integration! Thanks
            Hide
            nebgor Aparup Banerjee added a comment -

            Thanks, this has been integrated.
            (I almost forgot why but then re-read MDL-28483.)

            Show
            nebgor Aparup Banerjee added a comment - Thanks, this has been integrated. (I almost forgot why but then re-read MDL-28483 .)
            Hide
            samhemelryk Sam Hemelryk added a comment -

            Thanks guys - passed

            Show
            samhemelryk Sam Hemelryk added a comment - Thanks guys - passed
            Hide
            stronk7 Eloy Lafuente (stronk7) added a comment -

            Done, your delicious hacks have been sent upstream, many thanks!

            Closing as fixed, ciao

            Show
            stronk7 Eloy Lafuente (stronk7) added a comment - Done, your delicious hacks have been sent upstream, many thanks! Closing as fixed, ciao

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  28/Nov/11