-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
4.1.4, 4.2.1
-
MOODLE_401_STABLE, MOODLE_402_STABLE
I'm not really sure this counts as a regression (especially as the "bug" itself is to do with a documented libcurl "feature" (more on that below)); but it's something that worked prior to MDL-76370 and now doesn't. It has broken at least one plugin: https://github.com/Panopto/Moodle-2.0-plugin-for-Panopto/issues/201
To replicate:
On a 3.9 site:
- Set up a proxy:
docker run -d --name squid-container -e TZ=UTC -p 1729:3128 ubuntu/squid:5.2-22.04_beta
- Configure Moodle to use the proxy:
- Browse to "Site administration" > "Server" > "HTTP"
- Set "Proxy host" to "localhost"
- Set "Proxy port" to 1729
- Place the following test script in your site root and call it curltest.php:
<?php
require_once('config.php');
require_once('lib/filelib.php');
$curl = new curl();
$options = [
'CURLOPT_VERBOSE' => false,
'CURLOPT_RETURNTRANSFER' => true,
'CURLOPT_HEADER' => true,
];
$response = $curl->post("https://postman-echo.com/post", ['foo' => 'bar'], $options);
$actualresponse = (isset($curl->info["header_size"])) ? substr($response, $curl->info["header_size"]) : "";
echo $actualresponse;
- Browse to [YOUR_MOODLE]/curltest.php
- Note that the response body appears complete
- Update the site to 4.0
git checkout MOODLE_400_STABLE
php admin/cli/upgrade
- Browse to [YOUR_MOODLE]/curltest.php (do it in a new tab so you can compare to the response from before)
- Notice that the response is now cut off at the start
This is happening because $curl->info["header_size"] corresponds to the value of: https://curl.se/libcurl/c/CURLINFO_HEADER_SIZE.html and as the description states
The total includes the size of any received headers suppressed by CURLOPT_SUPPRESS_CONNECT_HEADERS.
When using the Squid proxy, an additional connect header is added, but this curlopt suppresses it; however the value of header_size remains unchanged (i.e., it returns the value as if the additional header is not suppressed).
As the value of header_size is technically behaving correctly, I'm not sure this even counts as a Moodle bug/regression; but I felt it worth reporting in case anyone else comes up against this.
It may be worth investigating using curl::strip_double_headers to resolve MDL-76370 instead of CURLOPT_SUPPRESS_CONNECT_HEADERS.
- has a non-specific relationship to
-
MDL-38170 SimplePie: Cannot read https feeds through local proxy (Squid, Privoxy)
-
- Closed
-
-
MDL-72349 curl::strip_double_headers only works with HTTP/1.0 or HTTP/1.1
-
- Closed
-
- is a regression caused by
-
MDL-76370 Public / private paths security report is inaccurate when using HTTP proxy
-
- Closed
-