mirror/moodle-auth_outage
1
0
Fork 0
mirror of https://github.com/catalyst/moodle-auth_outage.git synced 2026-05-17 05:48:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix URL is blocked message when not behind a proxy/load balancer

Browse Source 
When there is no proxy/load balancer and curlsecurityblockedhosts is set to
default (i.e. has 127.0.0.1 in it) fetching the outage page will result in
a "The URL is blocked." message. This resolves that issue by passing
ignoresecurity to the curl object.
This commit is contained in:
Rossco Hellmans
2025-02-10 12:35:44 +10:00
parent 11fbe64c46
commit 51db933862
2 changed files with 32 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
classes/local/outagelib.php
View File

@@ -57,7 +57,7 @@ class outagelib {
global $CFG;
require_once($CFG->libdir . '/filelib.php');
$curl = new curl();
$curl = new curl(['ignoresecurity' => true]);
$contents = $curl->get($file);
$info = $curl->get_info();
if (!empty($info['content_type'])) {

31
tests/local/controllers/maintenance_static_page_test.php
View File

@@ -423,6 +423,37 @@ class maintenance_static_page_test extends \auth_outage\base_testcase {
maintenance_static_page_io::file_get_data(200);
}
/**
* Test file_get_data with curlsecurityblockedhosts.
* We will use an external URL to test passing ignoresecurity inside of file_get_data works,
* ideally in real code we should only be calling file_get_data with internal URLs.
*/
public function test_file_get_data_curlsecurityblockedhosts() {
global $CFG, $USER;
$testhtml = $this->getExternalTestFileUrl('/test.html');
$url = new \moodle_url($testhtml);
$host = $url->get_host();
set_config('curlsecurityblockedhosts', $host); // Blocks $host.
// Test a regular curl with the default security enabled does in fact get blocked.
$curl = new \curl();
$contents = $curl->get($testhtml);
$expected = $curl->get_security()->get_blocked_url_string();
self::assertSame($expected, $contents);
self::assertSame(0, $curl->get_errno());
if ($CFG->branch >= 403) {
self::assertDebuggingCalled(
"Blocked $testhtml: The URL is blocked. [user {$USER->id}]", DEBUG_NONE);
}
// Test file_get_data does return the page and isn't blocked by security.
$found = maintenance_static_page_io::file_get_data($url->out());
$expected = '47250a973d1b88d9445f94db4ef2c97a';
self::assertSame($expected, md5($found['contents']));
self::assertSame('text/html', $found['mime']);
}
/**
* Test remove css selector.
*/