From: Kevin Israel <pleasestand@live.com>
Date: Fri, 12 Sep 2014 10:40:00 +0000 (-0400)
Subject: CurlHttpRequest: Follow redirects even under open_basedir
X-Git-Tag: 1.31.0-rc.0~9846^2
X-Git-Url: http://git.cyclocoop.org/%7B%24admin_url%7Dmes_infos.php?a=commitdiff_plain;h=45a6214c1ee2b34aa9c78d537f56618e16892b23;p=lhc%2Fweb%2Fwiklou.git

CurlHttpRequest: Follow redirects even under open_basedir

As of PHP 5.6.0, this is now allowed provided that libcurl is version
7.19.4 or newer (to not follow redirects to file:// URLs, which would
circumvent the open_basedir restriction).

https://bugs.php.net/bug.php?id=65646
https://github.com/php/php-src/commit/fba290c061027c24e4c8effdba37addd3430c3d4

Change-Id: I1233dca563a185d12923736d8d397a3acf87a71e
---

diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php
index d066df89e6..621692a75f 100644
--- a/includes/HttpFunctions.php
+++ b/includes/HttpFunctions.php
@@ -793,17 +793,19 @@ class CurlHttpRequest extends MWHttpRequest {
 	 * @return bool
 	 */
 	public function canFollowRedirects() {
-		if ( strval( ini_get( 'open_basedir' ) ) !== '' || wfIniGetBool( 'safe_mode' ) ) {
-			wfDebug( "Cannot follow redirects in safe mode\n" );
-			return false;
-		}
-
 		$curlVersionInfo = curl_version();
 		if ( $curlVersionInfo['version_number'] < 0x071304 ) {
 			wfDebug( "Cannot follow redirects with libcurl < 7.19.4 due to CVE-2009-0037\n" );
 			return false;
 		}
 
+		if ( version_compare( PHP_VERSION, '5.6.0', '<' ) ) {
+			if ( strval( ini_get( 'open_basedir' ) ) !== '' || wfIniGetBool( 'safe_mode' ) ) {
+				wfDebug( "Cannot follow redirects in safe mode\n" );
+				return false;
+			}
+		}
+
 		return true;
 	}
 }