$this->assertTrue(isset($token->privatetoken));
// Enable requeriments.
- $CFG->httpswwwroot = str_replace('http:', 'https:', $CFG->httpswwwroot); // Mock https.
- $CFG->enablewebservices = 1;
- $CFG->enablemobilewebservice = 1;
$_GET['wstoken'] = $token->token; // Mock parameters.
// Even if we force the password change for the current user we should be able to retrieve the key.
* Test get_autologin_key missing ws.
*/
public function test_get_autologin_key_missing_ws() {
+ global $CFG;
$this->resetAfterTest(true);
+ // Need to disable webservices to verify that's checked.
+ $CFG->enablewebservices = 0;
+ $CFG->enablemobilewebservice = 0;
+
$this->setAdminUser();
$this->expectException('moodle_exception');
$this->expectExceptionMessage(get_string('enablewsdescription', 'webservice'));
public function test_get_autologin_key_missing_https() {
global $CFG;
+ // Need to simulate a non HTTPS site here.
+ $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
+ $CFG->httpswwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
+
$this->resetAfterTest(true);
$this->setAdminUser();
- $CFG->enablewebservices = 1;
- $CFG->enablemobilewebservice = 1;
$this->expectException('moodle_exception');
$this->expectExceptionMessage(get_string('httpsrequired', 'tool_mobile'));
$this->resetAfterTest(true);
$this->setAdminUser();
- $CFG->enablewebservices = 1;
- $CFG->enablemobilewebservice = 1;
- $CFG->httpswwwroot = str_replace('http:', 'https:', $CFG->httpswwwroot);
$this->expectException('moodle_exception');
$this->expectExceptionMessage(get_string('autologinnotallowedtoadmins', 'tool_mobile'));
$this->resetAfterTest(true);
$user = $this->getDataGenerator()->create_user();
$this->setUser($user);
- $CFG->enablewebservices = 1;
- $CFG->enablemobilewebservice = 1;
- $CFG->httpswwwroot = str_replace('http:', 'https:', $CFG->httpswwwroot);
$service = $DB->get_record('external_services', array('shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE));
$id = $tool1->id;
$launchurl = \enrol_lti\helper::get_launch_url($id);
- $this->assertEquals('http://www.example.com/moodle/enrol/lti/tool.php?id=' . $id, $launchurl->out());
+ $this->assertEquals('https://www.example.com/moodle/enrol/lti/tool.php?id=' . $id, $launchurl->out());
}
/**
$id = $tool1->id;
$token = \enrol_lti\helper::generate_cartridge_token($id);
$launchurl = \enrol_lti\helper::get_cartridge_url($tool1);
- $this->assertEquals('http://www.example.com/moodle/enrol/lti/cartridge.php?id=' . $id . '&token=' . $token,
+ $this->assertEquals('https://www.example.com/moodle/enrol/lti/cartridge.php?id=' . $id . '&token=' . $token,
$launchurl->out());
$CFG->slasharguments = true;
$launchurl = \enrol_lti\helper::get_cartridge_url($tool1);
- $this->assertEquals('http://www.example.com/moodle/enrol/lti/cartridge.php/' . $id . '/' . $token . '/cartridge.xml',
+ $this->assertEquals('https://www.example.com/moodle/enrol/lti/cartridge.php/' . $id . '/' . $token . '/cartridge.xml',
$launchurl->out());
$CFG->slasharguments = $slasharguments;
$id = $tool1->id;
$token = \enrol_lti\helper::generate_proxy_token($id);
$launchurl = \enrol_lti\helper::get_proxy_url($tool1);
- $this->assertEquals('http://www.example.com/moodle/enrol/lti/proxy.php?id=' . $id . '&token=' . $token,
+ $this->assertEquals('https://www.example.com/moodle/enrol/lti/proxy.php?id=' . $id . '&token=' . $token,
$launchurl->out());
$CFG->slasharguments = true;
$launchurl = \enrol_lti\helper::get_proxy_url($tool1);
- $this->assertEquals('http://www.example.com/moodle/enrol/lti/proxy.php/' . $id . '/' . $token . '/',
+ $this->assertEquals('https://www.example.com/moodle/enrol/lti/proxy.php/' . $id . '/' . $token . '/',
$launchurl->out());
$CFG->slasharguments = $slasharguments;
'itemid' => $itemid,
'filepath' => '/',
'filename' => 'Simple4.txt',
- 'url' => 'http://www.example.com/moodle/pluginfile.php/'.$context->id.'/mod_data/content/'.$itemid.'/Simple4.txt',
+ 'url' => 'https://www.example.com/moodle/pluginfile.php/'.$context->id.'/mod_data/content/'.$itemid.'/Simple4.txt',
'isdir' => false,
'timemodified' => $timemodified,
'timecreated' => $timecreated,
$this->assertEquals($expected, $filter->filter('(grr)', $options));
// And texts matching target formats are filtered.
- $expected = '<img class="icon emoticon" alt="angry" title="angry" src="http://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/angry" />';
+ $expected = '<img class="icon emoticon" alt="angry" title="angry" src="https://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/angry" />';
$options = array('originalformat' => FORMAT_HTML); // Only FORMAT_HTML is filtered, see {@link testable_filter_emoticon}.
$this->assertEquals($expected, $filter->filter('(grr)', $options));
}
$this->yui3loader = new stdClass();
$this->YUI_config = new YUI_config();
- if (is_https()) {
+ if (is_https() && !empty($CFG->useexternalyui)) {
// On HTTPS sites all JS must be loaded from https sites,
// YUI CDN does not support https yet, sorry.
$CFG->useexternalyui = 0;
}
// override CFG settings if necessary and throw away extra CFG settings
-$CFG->wwwroot = 'http://www.example.com/moodle';
+$CFG->wwwroot = 'https://www.example.com/moodle';
$CFG->dataroot = $CFG->phpunit_dataroot;
$CFG->prefix = $CFG->phpunit_prefix;
$CFG->dbtype = isset($CFG->phpunit_dbtype) ? $CFG->phpunit_dbtype : $CFG->dbtype;
global $CFG;
$this->resetAfterTest();
- $this->assertEquals('http://www.example.com/moodle', $CFG->wwwroot);
+ $this->assertEquals('https://www.example.com/moodle', $CFG->wwwroot);
$_SERVER = array();
$_SERVER['SERVER_SOFTWARE'] = 'Apache/2.2.22 (Unix)';
public function test_filter_normal() {
$this->resetAfterTest();
filter_set_global_state('emoticon', TEXTFILTER_ON);
- $this->assertRegExp('~^<p><img class="icon emoticon" alt="smile" title="smile" src="http://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /></p>$~',
+ $this->assertRegExp('~^<p><img class="icon emoticon" alt="smile" title="smile" src="https://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /></p>$~',
$this->filter_text('<p>:-)</p>', array()));
}
public function test_disabling_other_filter_does_not_break_it() {
$this->resetAfterTest();
filter_set_global_state('emoticon', TEXTFILTER_ON);
- $this->assertRegExp('~^<p><img class="icon emoticon" alt="smile" title="smile" src="http://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /></p>$~',
+ $this->assertRegExp('~^<p><img class="icon emoticon" alt="smile" title="smile" src="https://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /></p>$~',
$this->filter_text('<p>:-)</p>', array('urltolink')));
}
$this->resetAfterTest();
filter_set_global_state('emoticon', TEXTFILTER_ON);
filter_set_global_state('urltolink', TEXTFILTER_ON);
- $this->assertRegExp('~^<p><img class="icon emoticon" alt="smile" title="smile" src="http://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /> http://google.com/</p>$~',
+ $this->assertRegExp('~^<p><img class="icon emoticon" alt="smile" title="smile" src="https://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /> http://google.com/</p>$~',
$this->filter_text('<p>:-) http://google.com/</p>', array('glossary', 'urltolink')));
}
}
$this->assertSame('/just/a/path', clean_param('/just/a/path', PARAM_LOCALURL));
$this->assertSame('course/view.php?id=3', clean_param('course/view.php?id=3', PARAM_LOCALURL));
- // Local absolute HTTPS.
+ // Local absolute HTTPS in a non HTTPS site.
+ $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot); // Need to simulate non-https site.
$httpsroot = str_replace('http:', 'https:', $CFG->wwwroot);
- $CFG->loginhttps = false;
+ $CFG->loginhttps = false; // Not allowed.
$this->assertSame('', clean_param($httpsroot, PARAM_LOCALURL));
$this->assertSame('', clean_param($httpsroot . '/with/something?else=true', PARAM_LOCALURL));
- $CFG->loginhttps = true;
+ $CFG->loginhttps = true; // Allowed.
+ $this->assertSame($httpsroot, clean_param($httpsroot, PARAM_LOCALURL));
+ $this->assertSame($httpsroot . '/with/something?else=true',
+ clean_param($httpsroot . '/with/something?else=true', PARAM_LOCALURL));
+
+ // Local absolute HTTPS in a HTTPS site.
+ $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
+ $httpsroot = $CFG->wwwroot;
+ $CFG->loginhttps = false; // Always allowed.
+ $this->assertSame($httpsroot, clean_param($httpsroot, PARAM_LOCALURL));
+ $this->assertSame($httpsroot . '/with/something?else=true',
+ clean_param($httpsroot . '/with/something?else=true', PARAM_LOCALURL));
+ $CFG->loginhttps = true; // Always allowed.
$this->assertSame($httpsroot, clean_param($httpsroot, PARAM_LOCALURL));
$this->assertSame($httpsroot . '/with/something?else=true',
clean_param($httpsroot . '/with/something?else=true', PARAM_LOCALURL));
$this->assertEquals(1, $CFG->slasharguments);
$this->assertEquals(1, $CFG->themerev);
$this->assertEquals(0, $CFG->themedesignermode);
- $this->assertSame('http://www.example.com/moodle', $CFG->wwwroot);
+ $this->assertSame('https://www.example.com/moodle', $CFG->wwwroot);
$this->assertSame($CFG->wwwroot, $CFG->httpswwwroot);
$this->assertEquals(0, $CFG->enablegravatar);
$this->assertSame('mm', $CFG->gravatardefaulturl);
$up3 = new user_picture($user3);
$this->assertSame($CFG->wwwroot.'/theme/image.php/boost/core/1/u/f2', $up3->get_url($page, $renderer)->out(false));
+ // Http version.
+ $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
+ $CFG->httpswwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
+
// Verify defaults to misteryman (mm).
$up2 = new user_picture($user2);
$this->assertSame('http://www.gravatar.com/avatar/ab53a2911ddf9b4817ac01ddcd3d975f?s=35&d=mm', $up2->get_url($page, $renderer)->out(false));
$initialloginhttps = $CFG->loginhttps;
$httpswwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
- $CFG->loginhttps = false;
// Simple local URL.
$url = $CFG->wwwroot . '/something/here?really=yes';
$infos = $this->get_exception_info($exception);
$this->assertSame($CFG->wwwroot . '/', $infos->link);
- // HTTPS URL when login HTTPS is not enabled.
+ // HTTPS URL when login HTTPS is not enabled and site is HTTP.
+ $CFG->loginhttps = false;
+ $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
$url = $httpswwwroot . '/something/here?really=yes';
$exception = new moodle_exception('none', 'error', $url);
$infos = $this->get_exception_info($exception);
$this->assertSame($CFG->wwwroot . '/', $infos->link);
- // HTTPS URL with login HTTPS.
+ // HTTPS URL when login HTTPS is not enabled and site is HTTPS.
+ $CFG->wwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
+ $url = $httpswwwroot . '/something/here?really=yes';
+ $exception = new moodle_exception('none', 'error', $url);
+ $infos = $this->get_exception_info($exception);
+ $this->assertSame($url, $infos->link);
+
+ // HTTPS URL when login HTTPS enabled and site is HTTP.
$CFG->loginhttps = true;
+ $CFG->wwwroot = str_replace('https:', 'http:', $CFG->wwwroot);
+ $url = $httpswwwroot . '/something/here?really=yes';
+ $exception = new moodle_exception('none', 'error', $url);
+ $infos = $this->get_exception_info($exception);
+ $this->assertSame($url, $infos->link);
+
+ // HTTPS URL when login HTTPS enabled and site is HTTPS.
+ $CFG->wwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
$url = $httpswwwroot . '/something/here?really=yes';
$exception = new moodle_exception('none', 'error', $url);
$infos = $this->get_exception_info($exception);
$infos = $this->get_exception_info($exception);
$this->assertSame($url, $infos->link);
- // Internal HTTPS link from fromurl without login HTTPS.
- $CFG->loginhttps = false;
- $SESSION->fromurl = $httpswwwroot . '/something/here?really=yes';
- $exception = new moodle_exception('none');
- $infos = $this->get_exception_info($exception);
- $this->assertSame($CFG->wwwroot . '/', $infos->link);
-
// External link from fromurl.
$SESSION->fromurl = 'http://moodle.org/something/here?really=yes';
$exception = new moodle_exception('none');
$this->resetAfterTest();
filter_set_global_state('emoticon', TEXTFILTER_ON);
$this->assertRegExp('~^<p><img class="icon emoticon" alt="smile" title="smile" ' .
- 'src="http://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /></p>$~',
+ 'src="https://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /></p>$~',
format_text('<p>:-)</p>', FORMAT_HTML));
}
$this->resetAfterTest();
filter_set_global_state('emoticon', TEXTFILTER_ON);
$this->assertRegExp('~^<p><em><img class="icon emoticon" alt="smile" title="smile" ' .
- 'src="http://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" />' .
+ 'src="https://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" />' .
'</em></p>\n$~',
format_text('*:-)*', FORMAT_MARKDOWN));
}
filter_set_global_state('emoticon', TEXTFILTER_ON);
$this->assertRegExp('~^<div class="text_to_html"><p>' .
'<img class="icon emoticon" alt="smile" title="smile" ' .
- 'src="http://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /></p></div>$~',
+ 'src="https://www.example.com/moodle/theme/image.php/_s/boost/core/1/s/smiley" /></p></div>$~',
format_text('<p>:-)</p>', FORMAT_MOODLE));
}
This files describes API changes in core libraries and APIs,
information provided here is intended especially for developers.
=== 3.3 ===
+* PHPUnit's bootstrap has been changed to use HTTPS wwwroot (https://www.example.com/moodle) from previous HTTP version. Any
+ existing test expecting the old HTTP URLs will need to be switched to the new HTTPS value (reference: MDL-54901).
* The information returned by the idp list has changed. This is usually only rendered by the login page and login block.
The icon attribute is removed and an iconurl attribute has been added.
* Support added for a new type of external file: FILE_CONTROLLED_LINK. This is an external file that Moodle can control
'~{$a',
'~&(amp|lt|gt|quot|\#039);(?!course)',
'Attachment example.txt:\n' .
- 'http://www.example.com/moodle/pluginfile.php/\d*/mod_forum/attachment/\d*/example.txt\n',
+ 'https://www.example.com/moodle/pluginfile.php/\d*/mod_forum/attachment/\d*/example.txt\n',
'Hello Moodle', 'Moodle Forum', 'Welcome.*Moodle', 'Love Moodle', '1\d1'
),
),
'~{$a',
'~&(amp|lt|gt|quot|\#039);(?!course)',
'Attachment example.txt:\n' .
- 'http://www.example.com/moodle/pluginfile.php/\d*/mod_forum/attachment/\d*/example.txt\n',
+ 'https://www.example.com/moodle/pluginfile.php/\d*/mod_forum/attachment/\d*/example.txt\n',
'Text and image', 'Moodle Forum',
'Welcome to Moodle, *\n.*'
- .'http://www.example.com/moodle/pluginfile.php/\d+/mod_forum/post/\d+/'
+ .'https://www.example.com/moodle/pluginfile.php/\d+/mod_forum/post/\d+/'
.'Screen%20Shot%202016-03-22%20at%205\.54\.36%20AM%20%281%29\.png *\n.*!',
'Love Moodle', '1\d1');
$textcases['Text mail with text+image message i.e. @@PLUGINFILE@@ token handling'] = array('data' => $newcase);
'<div class="attachments">( *\n *)?<a href',
'<div class="subject">\n.*HTML text and image', '>Moodle Forum',
'<p>Welcome to Moodle, '
- .'<img src="http://www.example.com/moodle/pluginfile.php/\d+/mod_forum/post/\d+/'
+ .'<img src="https://www.example.com/moodle/pluginfile.php/\d+/mod_forum/post/\d+/'
.'Screen%20Shot%202016-03-22%20at%205\.54\.36%20AM%20%281%29\.png"'
.' alt="" width="200" height="393" class="img-responsive" />!</p>',
'>Love Moodle', '>1\d1');
