Skip to content
Snippets Groups Projects
Unverified Commit 230292ee authored by Olav Morken's avatar Olav Morken
Browse files

Merge branch 'fix-cve-2020-5301' 

See:

https://github.com/simplesamlphp/simplesamlphp/pull/1317
parents 228e4f22 47968d26
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/Module.php
+ 1
1
View file @ 230292ee
...@@ -259,7 +259,7 @@ class Module ...@@ -259,7 +259,7 @@ class Module
throw new Error\NotFound('The URL wasn\'t found in the module.'); throw new Error\NotFound('The URL wasn\'t found in the module.');
} }
if (substr($path, -4) === '.php') { if (mb_strtolower(substr($path, -4), 'UTF-8') === '.php') {
// PHP file - attempt to run it // PHP file - attempt to run it
/* In some environments, $_SERVER['SCRIPT_NAME'] is already set with $_SERVER['PATH_INFO']. Check for that /* In some environments, $_SERVER['SCRIPT_NAME'] is already set with $_SERVER['PATH_INFO']. Check for that
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment