CMS MADE SIMPLE FORGE

RSS2HTML

 
Back Back to List

[#8979] When fetching HTTPS URLS, the snoopy library uses exec()

avatar
Created By: Robert Campbell (calguy1000)
Date Submitted: Mon Feb 25 12:48:33 -0500 2013

Assigned To:
Version: None
CMSMS Version: None
Severity: Major
Resolution: None
State: Open
Summary:
When fetching HTTPS URLS, the snoopy library uses exec()
Detailed Description:
The magpierss library uses an old and outdated version of Snoopy.   Not sure if
this issue is fixed in later versions or not.

However. when the URL is an HTTPS url,  Snoopy uses exec() to call /usr/bin/curl
(on linux), and uses is_executable to check for it..  This fails when
open_basedir restrictions are in effect, and/or shell functions have been
disabled.

May want to see if there's a newer version of Snoopy or magpierss that uses the
php curl extensions instead of trying to do an exec()


History

Comments
avatar 
Date: 2013-02-25 13:06
Posted By: Robert Campbell (calguy1000)

Addendum:

It should be relatively simple (just a few lines of code in magpierss) to
replace Snoopy with the cms_http_request class
which does not use exec() and is capable of retrieving SSL URLS, by using
libcurl or php sockets.