From 4aca3882ade665bfa2ad16868bac459e4ef7b661 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20P=C3=A9rez=20Crespo?= <jaime.perez@uninett.no>
Date: Fri, 16 Nov 2012 13:02:39 +0000
Subject: [PATCH] Make the previous commit safe for SPs and SSP acting as a
 proxy.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3202 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/authorize/templates/authorize_403.php | 9 +++++++--
 modules/authorize/www/authorize_403.php       | 3 +++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/modules/authorize/templates/authorize_403.php b/modules/authorize/templates/authorize_403.php
index 9b02c1444..6d63c2763 100644
--- a/modules/authorize/templates/authorize_403.php
+++ b/modules/authorize/templates/authorize_403.php
@@ -10,7 +10,6 @@
  * @version $Id$
  */
 
-global $state;
 
 $this->data['403_header'] = $this->t('{authorize:Authorize:403_header}');
 $this->data['403_text'] = $this->t('{authorize:Authorize:403_text}');
@@ -19,7 +18,13 @@ $this->includeAtTemplateBase('includes/header.php');
 ?>
 <h1><?php echo $this->data['403_header']; ?></h1>
 <p><?php echo $this->data['403_text']; ?></p>
-<p><a href="<?php echo SimpleSAML_Module::getModuleURL('core/authenticate.php', array('as' => $state['Source']['auth']))."&logout"; ?>"><?php echo $this->t('{status:logout}'); ?></a></p>
+<?php
+if (isset($this->data['LogoutURL'])) {
+?>
+<p><a href="<?php echo htmlspecialchars($this->data['LogoutURL']); ?>"><?php echo $this->t('{status:logout}'); ?></a></p>
+<?php
+}
+?>
 <?php
 $this->includeAtTemplateBase('includes/footer.php');
 ?>
diff --git a/modules/authorize/www/authorize_403.php b/modules/authorize/www/authorize_403.php
index 60e0d9b7c..54d702fb0 100644
--- a/modules/authorize/www/authorize_403.php
+++ b/modules/authorize/www/authorize_403.php
@@ -15,6 +15,9 @@ $state = SimpleSAML_Auth_State::loadState($id, 'authorize:Authorize');
 
 $globalConfig = SimpleSAML_Configuration::getInstance();
 $t = new SimpleSAML_XHTML_Template($globalConfig, 'authorize:authorize_403.php');
+if (isset($state['Source']['auth'])) {
+    $t->data['LogoutURL'] = SimpleSAML_Module::getModuleURL('core/authenticate.php', array('as' => $state['Source']['auth']))."&logout";
+}
 header('HTTP/1.0 403 Forbidden');
 $t->show();
 
-- 
GitLab