* Do not follow redirects by default. This breaks on safe_mode, and may potentially open security vulnerabilities in callers which blacklist domain names. Instead, send followRedirects=true option in the HttpTest caller that needs it.
* Added a check for the cURL security vulnerability CVE-2009-0037, which allowed redirects to file:/// and scp://. Refuse to follow redirects if a vulnerable client library is present.
* Factored out the redirect compatibility test into public function canFollowRedirects() so that callers can provide this information to users.
* In PhpHttpRequest, only follow redirects to HTTP URLs, do not fopen() arbitrary locations. This is not quite as bad as it sounds, since the lack of response headers prevents file:/// content from being returned to the caller.
* Fixed vertical alignment in Http::request(), per style guide.
* 304, 305 and 306 responses are not really redirects and cannot contain a Location header.
* Document parseHeader()
* Separate out setStatus() so it can be called from execute()
* Avoid core dumps on older PHPs when using PhpHttpRequest and doing redirects
* Add getResponseHeader() for getting the response headers
* Add special handling on tests for older PHP
“make tap” spawns a new php instance for each test file.
Found some problems with date/time parsing on older 32bit php. I
forgot the year 2999 isn't a valid epoch date.
* fix up fopen warnings — I was bedazzled by phpUnit's
set_error_handler that turned warnings into exceptions and Tim set
me right.
* Use Tim's read loop
* No need for private $fh member
* Fix some minor problems with PHP versions (no "timeout" param in
pre-5.2.1, POST issue in Hardy's PHP version where timeout is null.)
* Fix how tests are run on old versions of phpUnit.
** Add 'proxy' option to Http $opts array
** Setting 'proxy' option to "false" will bypass the proxy
* Updated MWSearch_body.php to use new "false" option
* remove duplicated definition of "Wikimedia" group in cleanupTable.inc
* define "HTTP" and "Wikimedia" groups in a separate comment so that doxygen doesn't throw "Cannot assign group to itself"
* Reverted HttpFunctions.php to r45549 and renamed wgSyncHTTPTimeout back to wgHTTPTimeout
* Edited out the asynchronous features from UploadFromUrl. Made fetchFile() use the curlCopy() function from new-upload r47811 instead of Http::doDownload(). Wrote my own URL validity check to avoid having to use either of the two buggy precedents.
* Removed UploadFromChunk
* Removed chunk upload and background status from ApiUpload.php
* Reverted r54669, use of addScriptClass()
* Left getHeadScripts() in its current location (OutputPage) instead of moving it back to SkinTemplate, just added wikibits.js to it to replace the removed addCoreScripts2Top()
* broke out curl and php based requests into separate classes ( more general cleanup is of course possible :)
* @@todo these tokens need to be mapped to php fopen stream "context" along with a more general mapping of the rest of the curl options.
