Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-33955

Make download_file_content()/class curl to observe "moved" headers with open_basedir or safe_mode in effect

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 2.1, 2.2, 2.3
    • 2.6
    • Libraries
    • MOODLE_21_STABLE, MOODLE_22_STABLE, MOODLE_23_STABLE
    • MOODLE_26_STABLE
    • w25_MDL-33955_m26_curlredir
    • Hide

      1/ execute phpunit tests
      2/ try all repository plugins that load stuff from external servers via curl without open_basedir restriction

      Please note that 3rd party libs that use curl extension directly are not fixed by this hack.

      Show
      1/ execute phpunit tests 2/ try all repository plugins that load stuff from external servers via curl without open_basedir restriction Please note that 3rd party libs that use curl extension directly are not fixed by this hack.

    Description

      This was discovered while fixing MDLSITE-1810

      Right now, sites with open_basedir and/or safe_mode in effect have one severe limitation in their download_file_content() implementation. They simply are not allowed to follow 30x response headers.

          if (!ini_get('open_basedir') and !ini_get('safe_mode')) {
              // TODO: add version test for '7.10.5'
              curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
              curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
          }

      We should take rid of that limitation ASAP, for all supported branches, there are a lot of alternatives out there to "manually" follow them in a transparent way:

      Ciao

      Attachments

        Issue Links

          Activity

            People

              skodak Petr Skoda
              stronk7 Eloy Lafuente (stronk7)
              Sam Hemelryk Sam Hemelryk
              Damyon Wiese Damyon Wiese
              Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Ilya Tregubov, Laurent David, Raquel Ortega, Sara Arjona (@sarjona)
              Votes:
              4 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                18/Nov/13