Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-60335

curlsecurityblockedhosts does not recognise faß.de as valid domain

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.3.2
    • Fix Version/s: 3.2.6, 3.3.3
    • Component/s: General
    • Labels:
    • Testing Instructions:
      Hide

      Find curlsecurityblockedhosts in the site administration and try to set it to different values including non-latin domain names such as

      • правительство.рф
      • faß.de
      • ß.ß

      Make sure the settings saves and displays back the same value.

      Show
      Find curlsecurityblockedhosts in the site administration and try to set it to different values including non-latin domain names such as правительство.рф faß.de ß.ß Make sure the settings saves and displays back the same value.
    • Affected Branches:
      MOODLE_33_STABLE
    • Fixed Branches:
      MOODLE_32_STABLE, MOODLE_33_STABLE
    • Pull Master Branch:
      wip-MDL-60335-master

      Description

      Discovered while working on MDL-60279

      PHP 7.2 deprecated INTL_IDNA_VARIANT_2003 that we use in admin setting admin_setting_configmixedhostiplist :
      https://wiki.php.net/rfc/deprecate-and-remove-intl_idna_variant_2003

      cameron1729 and I started looking at the current implementation and Cam noticed that it should be

      idn_to_ascii($entry, IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46)
      

      because otherwise domains like faß.de would not be converted properly.

      While testing we found out that regex in line https://github.com/moodle/moodle/blob/master/lib/tests/admintree_test.php#L154 is incorrect and faß.de does not even pass validation

      So there are several problems here:
      1. correct regex in ace_encode() so it works with mixed ascii and non-ascii characters
      2. change arguments for idn_to_ascii and idn_to_unt8
      3. add unittests

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              marina Marina Glancy
              Reporter:
              marina Marina Glancy
              Peer reviewer:
              cameron1729
              Integrator:
              Jun Pataleta
              Tester:
              David Mudrák (@mudrd8mz)
              Participants:
              Component watchers:
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                13/Nov/17