MDL-72203 curl: Warn if someone actually started to use $maxredirects

The new parameter of curl_security_helper::url_is_blocked() introduced in MDL-71916 became part of the API. Even if we reverted it quickly, someone can use a released Moodle version that has that parameter in place. For that reason and also to avoid potential troubles in the future (e.g. when yet another argument would be added to this method), we need to make it clear that the second parameter of this method should never be used again. Poor $maxredirects, you did not live long with us. Oh well.
2025-04-14 04:52:36 +02:00 · 2021-07-22 23:20:14 +02:00 · 2021-07-22 23:20:14 +02:00 · 6e5454780d
commit 6e5454780d
parent c619cd1425
1 changed files with 7 additions and 1 deletions
--- a/lib/classes/files/curl_security_helper.php
+++ b/lib/classes/files/curl_security_helper.php
@ -60,9 +60,15 @@ class curl_security_helper extends curl_security_helper_base {
     * could not be parsed, as well as those valid URLs which were found in the blocklist.
     *
     * @param string $urlstring the URL to check.
+     * @param int $notused There used to be an optional parameter $maxredirects for a short while here, not used any more.
     * @return bool true if the URL is blocked or invalid and false if the URL is not blocked.
     */
-    public function url_is_blocked($urlstring) {
+    public function url_is_blocked($urlstring, $notused = null) {
+
+        if ($notused !== null) {
+            debugging('The $maxredirects parameter of curl_security_helper::url_is_blocked() has been dropped!', DEBUG_DEVELOPER);
+        }
+
        // If no config data is present, then all hosts/ports are allowed.
        if (!$this->is_enabled()) {
            return false;