forked from Wavyzz/dolibarr
# SEC: #28168 Correct protocol limitations (PHP7.4/Win) Protocol limitation was not active during test on windows platform. Moving the application of the limitation just before the curl_exec instruction made the limitation effective. Also extended the code to enable allowing ftp and ftps and extended the code for [CURLOPT_REDIR_PROTOCOLS_STR](https://www.php.net/manual/en/curl.constants.php#constant.curlopt-redir-protocols-str).
This commit is contained in:
MDW
@@ -918,7 +918,7 @@ class SecurityTest extends PHPUnit\Framework\TestCase
|
||||
$url = 'ftp://mydomain.com';
|
||||
$tmp = getURLContent($url);
|
||||
print __METHOD__." url=".$url."\n";
|
||||
$this->assertGreaterThan(0, strpos($tmp['curl_error_msg'], 'not supported')); // Test error if return does not contains 'not supported'
|
||||
$this->assertRegExp("/not supported/", $tmp['curl_error_msg'], "Should disable ftp connection"); // Test error if return does not contains 'not supported'
|
||||
|
||||
$url = 'https://www.dolibarr.fr'; // This is a redirect 301 page
|
||||
$tmp = getURLContent($url, 'GET', '', 0); // We do NOT follow
|
||||
|
||||
Reference in New Issue
Block a user