Page MenuHomePhabricator
Create Task
Maniphest T116704

MediaWiki CI tests should run with allow_url_fopen set to false
Open, MediumPublic
Actions

Description

Code using "data://" URLs requires allow_url_fopen to be enabled, which is not required (and not very good in general for the production setup).

Can we make sure we run tests with this disabled?

I catched

https://gerrit.wikimedia.org/r/#/c/4155/14/tests/phpunit/maintenance/fetchTextTest.php (line 69)

and https://phabricator.wikimedia.org/T116701 today.

Related Objects
Search...

Event Timeline

saper created this task.Oct 26 2015, 11:56 PM
saper raised the priority of this task from to Medium.
saper updated the task description. (Show Details)
saper added a project: Continuous-Integration-Infrastructure.
saper added subscribers: saper, hashar.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 26 2015, 11:56 PM
saper added a project: MediaWiki-Core-Tests.Oct 27 2015, 12:14 AM
saper set Security to None.
hashar added a comment.Oct 27 2015, 9:48 AM

You probably want to disable it explicitly in tests/phpunit/MediaWikiTestCase.php setUp() method.

Haven't tested the effect though.

hashar removed a project: Continuous-Integration-Infrastructure.Oct 27 2015, 9:48 AM
saper updated the task description. (Show Details)Oct 27 2015, 5:57 PM
saper added subtasks: T116701: XMPReader::checkParseSafely requires allow_url_fopen to be set enabled, T75283: ImportTest::testHandlePageContainsRedirect causes MWException: Cannot create InputStreamSource.Oct 27 2015, 6:01 PM
saper added a comment.Oct 27 2015, 6:16 PM

@hashar bad news, allow_url_fopen is settable only in the system-wide php.ini file:

http://php.net/manual/en/filesystem.configuration.php

hashar added a comment.Oct 28 2015, 11:55 AM

On the Jenkins slaves, the php.ini should be the same as the one used on Wikimedia production.

Seems we can pass the setting via PHP -d. Using 5.3.29:

$ php -a
Interactive shell

php > var_dump( ini_get('allow_url_fopen') );
string(1) "1"

php > var_dump( ini_set('allow_url_fopen', 0) );
bool(false)

php > var_dump( ini_get('allow_url_fopen') );
string(1) "1"

So yeah we can not use ini_set. But:

$ php -a -d allow_url_fopen=0
Interactive shell

php > var_dump( ini_get('allow_url_fopen') );
string(1) "0"
php >

One possibility would be to have an addition ini files to be populated via puppet under /etc/php5/cli/conf.d/. But then it will apply to any php runs.

Maybe we can craft a specific ini file that would be in integration/jenkins.git under /etcthen update the various wrapping scripts we have in /bin to refer to it.

So we would update the various /bin/mw-run-phpunit* scripts to refer to it:

php -c /srv/deployment/integration/slave-scripts/etc/php-mw-ci.ini \
    ... rest of stuff ...
Krinkle moved this task from Inbox to PHPUnit on the MediaWiki-Core-Tests board.Jul 7 2017, 5:20 AM
Seb35 mentioned this in T116701: XMPReader::checkParseSafely requires allow_url_fopen to be set enabled.Sep 24 2018, 11:55 AM
Umherirrender closed subtask T75283: ImportTest::testHandlePageContainsRedirect causes MWException: Cannot create InputStreamSource as Resolved.Apr 2 2022, 8:37 PM
hashar unsubscribed.Apr 20 2022, 12:38 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits