• Hugh Davenport's avatar
    Fix Leap2A import from Moodle · 9748c636
    Hugh Davenport authored
    
    
    Related to bug #1047111
    
    That bug fixed the XXE attack by setting the following to true
     libxml_disable_entity_loader
    
    This caused issues with the leap2a importer used by mnet, which
    used the simplexml_load to load the xml which relies on file
    based remote entities. For this situation, a the following flag
    is used, which stops network based XXE attacks
     LIBXML_NONET
    
    Change-Id: I3d95ebc9c38374d339d66a80feaa39f5c15f1022
    Signed-off-by: default avatarHugh Davenport <hugh@catalyst.net.nz>
    9748c636
lib.php 68.9 KB