Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-33955

Make download_file_content()/class curl to observe "moved" headers with open_basedir or safe_mode in effect

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Critical
    • 2.6
    • 2.1, 2.2, 2.3
    • Libraries
    • MOODLE_21_STABLE, MOODLE_22_STABLE, MOODLE_23_STABLE
    • MOODLE_26_STABLE
    • w25_MDL-33955_m26_curlredir
    • Hide

      1/ execute phpunit tests
      2/ try all repository plugins that load stuff from external servers via curl without open_basedir restriction

      Please note that 3rd party libs that use curl extension directly are not fixed by this hack.

      Show
      1/ execute phpunit tests 2/ try all repository plugins that load stuff from external servers via curl without open_basedir restriction Please note that 3rd party libs that use curl extension directly are not fixed by this hack.

    Description

      This was discovered while fixing MDLSITE-1810

      Right now, sites with open_basedir and/or safe_mode in effect have one severe limitation in their download_file_content() implementation. They simply are not allowed to follow 30x response headers.

          if (!ini_get('open_basedir') and !ini_get('safe_mode')) {
              // TODO: add version test for '7.10.5'
              curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
              curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
          }

      We should take rid of that limitation ASAP, for all supported branches, there are a lot of alternatives out there to "manually" follow them in a transparent way:

      Ciao

      Attachments

        Issue Links

          Activity

            People

              skodak Petr Skoda (Inactive)
              stronk7 Eloy Lafuente (stronk7)
              Sam Hemelryk Sam Hemelryk
              Damyon Wiese Damyon Wiese
              Votes:
              4 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Clockify

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.