moodle

mirror of https://github.com/moodle/moodle.git synced 2025-01-19 06:18:28 +01:00

Author	SHA1	Message	Date
Eloy Lafuente (stronk7)	20d4ecc409	MDL-67034 lti_provider: php74 fix (curly braces) for LTI Provider lib	2019-11-19 10:03:12 +01:00
Viktor	898d5d05a0	MDL-62702 core_lib: fix broken verification signature	2019-03-05 04:24:53 +01:00
Mark Nelson	1a8b1f2724	MDL-62702 core_lib: updated the 'ltiprovider' readme_moodle.txt	2019-03-05 04:24:53 +01:00
Brendan Cox	d8a7e1f78d	MDL-62702 core_lib: parameters in POST override other LTI values This fixes an exploit where you could alter the 'Content-Type' of the request and bypass the case-sensitive check 'strstr'. For example, setting it to 'application/x-www-FORM-urlencoded'. However, changing this to use 'stristr' was also not an acceptable approach as you could also bypass it by setting the value to 'multipart/form-data'.	2019-03-05 04:24:53 +01:00
Nadav Kavalerchik	3cac3a8590	MDL-61110 LTIProvider: Store 'lis_course_section_sourcedid' value in DB	2018-07-07 00:50:02 +03:00
Mark Nelson	6d32804f8a	MDL-57742 core_lib: Updated readme_moodle.txt	2018-05-28 12:55:25 +08:00
David Balch	528060a1a9	MDL-57742 core_lib: Make tool_consumer_instance_guid optional In the specification, tool_consumer_instance_guid is only listed as recommended. However, the library was requiring it. https://www.imsglobal.org/specs/ltiv2p0/implementation-guide#toc-42	2018-05-28 12:47:05 +08:00
John Okely	087662037b	MDL-57704 ltiprovider: Don't force SSLv3	2017-05-02 09:33:18 +08:00
Jun Pataleta	a78d184c05	MDL-55825 core_lib: LTI tool provider library fixes * Define consumer profile member variable for ToolConsumer class * Added context type property for Context class * Set context type if 'context_type' parameter was submitted through POST This commit can be dropped once the pull requests for these changes have been integrated upstream.	2016-10-28 10:10:43 +08:00
John Okely	a1f3821ee0	MDL-53832 enrol_lti: Add LTI provider library	2016-10-19 11:14:24 +08:00

10 Commits