Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-56974

Incorrect type for redirect field in auth_email_ signup_user WS

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.2
    • Fix Version/s: 3.2
    • Component/s: Other
    • Labels:
    • Testing Instructions:
      Hide
      1. Enable authentication via e-mail (aka enable users to create their own accounts in the site)
      2. Ensure that advanced options like re-captcha are disabled
      3. Now, execute the following curl command, updating the curl address to point to your site:

        curl 'http://loganberry.local/sm/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"auth_email_signup_user","args":{"username": "u1", "password": "moodle", "email": "u1@example.com", "firstname": "asb", "lastname": "asdfasdf", "city": "Barcelona", "country": "ES", "redirect": "http://example.com/do/not/update/me?service=moodle_mobile_app&passport=xyz&confirmed=1"}}]' | python -m "json.tool"
        

        1. Confirm that you are shown an error relating to an invalid parameter for the redirect field
      4. Repeat the Curl call, replacing the redirect URL to something within your site:

        curl 'http://loganberry.local/sm/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"auth_email_signup_user","args":{"username": "u1", "password": "moodle", "email": "u1@example.com", "firstname": "asb", "lastname": "asdfasdf", "city": "Barcelona", "country": "ES", "redirect": "http://loganberry.local/sm/admin/tool/mobile/launch.php?service=moodle_mobile_app&passport=xyz&confirmed=1"}}]' | python -m "json.tool"
        

        1. Confirm that it does not fail and the user is created
      Show
      Enable authentication via e-mail (aka enable users to create their own accounts in the site) Ensure that advanced options like re-captcha are disabled Now, execute the following curl command, updating the curl address to point to your site: curl 'http://loganberry.local/sm/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"auth_email_signup_user","args":{"username": "u1", "password": "moodle", "email": "u1@example.com", "firstname": "asb", "lastname": "asdfasdf", "city": "Barcelona", "country": "ES", "redirect": "http://example.com/do/not/update/me?service=moodle_mobile_app&passport=xyz&confirmed=1"}}]' | python -m "json.tool" Confirm that you are shown an error relating to an invalid parameter for the redirect field Repeat the Curl call, replacing the redirect URL to something within your site: curl 'http://loganberry.local/sm/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"auth_email_signup_user","args":{"username": "u1", "password": "moodle", "email": "u1@example.com", "firstname": "asb", "lastname": "asdfasdf", "city": "Barcelona", "country": "ES", "redirect": "http://loganberry.local/sm/admin/tool/mobile/launch.php?service=moodle_mobile_app&passport=xyz&confirmed=1"}}]' | python -m "json.tool" Confirm that it does not fail and the user is created
    • Affected Branches:
      MOODLE_32_STABLE
    • Fixed Branches:
      MOODLE_32_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-56974-master

      Description

      The param type should be PARAM_LOCALURL, thanks D.Monllaó for spotting that

        Attachments

          Activity

            People

            Assignee:
            jleyva Juan Leyva
            Reporter:
            jleyva Juan Leyva
            Peer reviewer:
            Dani Palou
            Integrator:
            Andrew Nicols
            Tester:
            Mark Nelson
            Participants:
            Component watchers:
            Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              5/Dec/16