Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-72044

Automated detection of code which doesn't use a proxy and should use curl library

    XMLWordPrintable

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Duplicate
    • Future Dev
    • None
    • Libraries
    • None

    Description

      There is a lot of plugins and chunks of core which reach out to the internet directly using either file_get_contents / fopen / or one of the other built in php streams handlers, or using the raw curl library when they should instead use the moodle curl library so that proxy settings are honored.

      There is also other http clients like guzzle in use in various places. It's hard to capture them all, but for at least the ones which use streams we should be able to capture this at unit test / behat test time using some stream instrumentation. 

      The outcome here is a script which can be optionally included early in the moodle bootstrap which will emit debugging errors if outside traffic is detected via the medium.

      Attachments

        Issue Links

          duplicates

          New Feature - A new Moodle feature which has yet to be developed. MDL-72486 Add developer options to warn when making unsafe unproxied requests

          • Minor - Minor loss of function where workaround is possible
          • Closed

          Activity

            People

              Unassigned Unassigned
              brendanheywood Brendan Heywood
              David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: