From 555c4dcc18474332b2349f01312867aa68440729 Mon Sep 17 00:00:00 2001
From: Jaime Perez Crespo <jaime.perez@uninett.no>
Date: Mon, 20 Apr 2015 12:12:43 +0200
Subject: [PATCH] Deprecate SimpleSAML_Utilities::disanleXMLEntityLoader().
 Since we are requiring PHP 5.3, we can call libxml_disable_entity_loader()
 directly.

---
 lib/SimpleSAML/Utilities.php | 1 +
 www/_include.php             | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php
index 7a76d70e9..98819475d 100644
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -1624,6 +1624,7 @@ class SimpleSAML_Utilities {
 	 * Disable the loading of external entities in XML documents to prevent local and
 	 * remote file inclusion attacks. This is in most cases already disabled by default
 	 * in system libraries, but to be safe we explicitly disable it also.
+	 * @deprecated This function will be removed in SSP 2.0. Please use libxml_disable_entity_loader() instead.
 	 */
 	public static function disableXMLEntityLoader() {
 		/* Function only present in PHP >= 5.2.11 while we support 5.2+ */
diff --git a/www/_include.php b/www/_include.php
index 4e9b35541..4b52a300b 100644
--- a/www/_include.php
+++ b/www/_include.php
@@ -108,4 +108,4 @@ if (!file_exists($configdir . '/config.php')) {
 /* Set the timezone. */
 SimpleSAML_Utilities::initTimezone();
 /* Disable XML external entity loading explicitly. */
-SimpleSAML_Utilities::disableXMLEntityLoader();
+libxml_disable_entity_loader();
-- 
GitLab