From 40fccef237eb05fd9a0d3af6d4c41fb12bad9546 Mon Sep 17 00:00:00 2001 From: Tomo Tsuyuki Date: Thu, 18 Jun 2026 11:38:27 +1000 Subject: [PATCH] Revert "Fix URL is blocked message when not behind a proxy/load balancer" This reverts commit 51db933862b08945edabbb1df84ce5e349a5604c. --- classes/local/outagelib.php | 2 +- .../maintenance_static_page_test.php | 33 ------------------- version.php | 4 +-- 3 files changed, 3 insertions(+), 36 deletions(-) diff --git a/classes/local/outagelib.php b/classes/local/outagelib.php index e048c74..35565d3 100644 --- a/classes/local/outagelib.php +++ b/classes/local/outagelib.php @@ -56,7 +56,7 @@ class outagelib { global $CFG; require_once($CFG->libdir . '/filelib.php'); - $curl = new curl(['ignoresecurity' => true]); + $curl = new curl(); $contents = $curl->get($file); $info = $curl->get_info(); if (!empty($info['content_type'])) { diff --git a/tests/local/controllers/maintenance_static_page_test.php b/tests/local/controllers/maintenance_static_page_test.php index 1b22f89..fd0a68f 100644 --- a/tests/local/controllers/maintenance_static_page_test.php +++ b/tests/local/controllers/maintenance_static_page_test.php @@ -431,39 +431,6 @@ final class maintenance_static_page_test extends \auth_outage\base_testcase { maintenance_static_page_io::file_get_data(200); } - /** - * Test file_get_data with curlsecurityblockedhosts. - * We will use an external URL to test passing ignoresecurity inside of file_get_data works, - * ideally in real code we should only be calling file_get_data with internal URLs. - */ - public function test_file_get_data_curlsecurityblockedhosts(): void { - global $CFG, $USER; - - $testhtml = $this->getExternalTestFileUrl('/test.html'); - $url = new \moodle_url($testhtml); - $host = $url->get_host(); - set_config('curlsecurityblockedhosts', $host); // Blocks $host. - - // Test a regular curl with the default security enabled does in fact get blocked. - $curl = new \curl(); - $contents = $curl->get($testhtml); - $expected = $curl->get_security()->get_blocked_url_string(); - self::assertSame($expected, $contents); - self::assertSame(0, $curl->get_errno()); - if ($CFG->branch >= 403) { - self::assertDebuggingCalled( - "Blocked $testhtml: The URL is blocked. [user {$USER->id}]", - DEBUG_NONE - ); - } - - // Test file_get_data does return the page and isn't blocked by security. - $found = maintenance_static_page_io::file_get_data($url->out()); - $expected = 'Moodle is a software package for producing internet-based courses and web sites.'; - self::assertStringContainsString($expected, $found['contents']); - self::assertSame('text/html', $found['mime']); - } - /** * Test remove css selector. */ diff --git a/version.php b/version.php index 8829c7d..3e06da0 100644 --- a/version.php +++ b/version.php @@ -28,8 +28,8 @@ defined('MOODLE_INTERNAL') || die(); $plugin->component = "auth_outage"; -$plugin->version = 2026011303; // The current plugin version (Date: YYYYMMDDXX). -$plugin->release = 2026011303; // Human-readable release information. +$plugin->version = 2026011304; // The current plugin version (Date: YYYYMMDDXX). +$plugin->release = 2026011304; // Human-readable release information. $plugin->requires = 2025100600; // Moodle 5.1. $plugin->maturity = MATURITY_STABLE; // Suitable for PRODUCTION environments! $plugin->supported = [501, 501]; // A range of branch numbers of supported moodle versions.