When url signing in used, file containing relative links may be broken

[brendanheywood]

eg if you have a scorm with html and css and they refer to each other with relative link these link will be broken when served from the signing domain

workaround, have a black list / white list of file types that can be served via signing

Tasks:

• [x] add black list for files: admin_setting_filetypes
• [x] should default to exclude html and css
• [x] honor that setting in the signing

Bonus points:

• [ ] add a column to the table for 'signing safe'
• [ ] implement html relative link parse which flips that bit
• [ ] implement css relative check using lib/php-css-parser which flips that bit

example code to look at:

https://github.com/moodle/moodle/compare/master...Peterburnett:MDL-54716#diff-6ad5fe5e9e08da691d155d1adc252a68R5059-R5086

[brendanheywood]

Just had a thought, if we apply this as a blank rule there are probably a lot of files that we could safely server this way but won't. A more nuanced approach is we could do a once-off task inspect the content and check whether it contains any relative links. We'd need a handler for each content time we want to support, but a html dom parse is easy. Core also bundles lib/php-css-parser so css should be relatively easy.

[brendanheywood]

dup https://github.com/catalyst/moodle-tool_objectfs/issues/231

[brendanheywood]

@gleimermora to see a failing test, please review, tweak as needed and merge in this first:

https://github.com/catalyst/moodle-tool_objectfs/pull/232

[brendanheywood]

Close as duplicate