Merge branch 'MDL-69050-310-allowlist' of git://github.com/mudrd8mz/moodle into MOODLE_310_STABLE

2025-08-06 17:36:38 +02:00 · 2020-10-01 14:51:12 +02:00 · 2020-10-01 14:51:12 +02:00 · 7db1a61a72
commit 7db1a61a72
parent e2a73965ca 6fe5bb1b96
36 changed files with 381 additions and 271 deletions
--- a/admin/cli/svgtool.php
+++ b/admin/cli/svgtool.php
@ -38,17 +38,17 @@ if ($unrecognized) {
 }

 // If necessary add files that should be ignored - such as in 3rd party plugins.
-$blacklist = array();
+$ignorelist = array();
 $path = $options['path'];
 if (!file_exists($path)) {
    cli_error("Invalid path $path");
 }

 if ($options['ie9fix']) {
-    core_admin_recurse_svgs($path, '', 'core_admin_svgtool_ie9fix', $blacklist);
+    core_admin_recurse_svgs($path, '', 'core_admin_svgtool_ie9fix', $ignorelist);

 } else if ($options['noaspectratio']) {
-    core_admin_recurse_svgs($path, '', 'core_admin_svgtool_noaspectratio', $blacklist);
+    core_admin_recurse_svgs($path, '', 'core_admin_svgtool_noaspectratio', $ignorelist);

 } else {
    $help =
@ -153,9 +153,9 @@ function core_admin_svgtool_noaspectratio($file) {
 * @param string $base
 * @param string $sub
 * @param string $filecallback
- * @param array $blacklist
+ * @param array $ignorelist List of files to be ignored and skipped.
 */
-function core_admin_recurse_svgs($base, $sub, $filecallback, $blacklist) {
+function core_admin_recurse_svgs($base, $sub, $filecallback, $ignorelist) {
    if (is_dir("$base/$sub")) {
        $items = new DirectoryIterator("$base/$sub");
        foreach ($items as $item) {
@ -163,7 +163,7 @@ function core_admin_recurse_svgs($base, $sub, $filecallback, $blacklist) {
                continue;
            }
            $file = $item->getFilename();
-            core_admin_recurse_svgs("$base/$sub", $file, $filecallback, $blacklist);
+            core_admin_recurse_svgs("$base/$sub", $file, $filecallback, $ignorelist);
        }
        unset($item);
        unset($items);
@ -174,7 +174,7 @@ function core_admin_recurse_svgs($base, $sub, $filecallback, $blacklist) {
            return;
        }
        $file = realpath("$base/$sub");
-        if (in_array($file, $blacklist)) {
+        if (in_array($file, $ignorelist)) {
            return;
        }
        $filecallback($file);
--- a/admin/tool/dbtransfer/locallib.php
+++ b/admin/tool/dbtransfer/locallib.php
@ -142,7 +142,7 @@ function tool_dbtransfer_get_drivers() {
        $dblibrary = $matches[2];

        if ($dbtype === 'sqlite3') {
-            // Blacklist unfinished drivers.
+            // The sqlite3 driver is not fully working yet and should not be returned.
            continue;
        }

--- a/admin/webservice/testclient.php
+++ b/admin/webservice/testclient.php
@ -61,7 +61,7 @@ foreach ($allfunctions as $f) {
    }
 }

-// whitelisting security
+// Allow only functions available for testing.
 if (!isset($functions[$function])) {
    $function = '';
 }
@ -81,7 +81,9 @@ foreach ($active_protocols as $p) {
    }
    $protocols[$p] = get_string('pluginname', 'webservice_'.$p);
 }
-if (!isset($protocols[$protocol])) { // whitelisting security
+
+// Allow only protocols supporting the test client.
+if (!isset($protocols[$protocol])) {
    $protocol = '';
 }