From 5c34ebcabc76137d449a0280ad9f34fb9dbb443d Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 16 Nov 2010 14:29:34 +0000
Subject: [PATCH] Auth_Simple: Make sure that we do not return to an URL when a
 callback is specified.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2631 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/Auth/Simple.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/SimpleSAML/Auth/Simple.php b/lib/SimpleSAML/Auth/Simple.php
index d036a1aa4..e3fedad71 100644
--- a/lib/SimpleSAML/Auth/Simple.php
+++ b/lib/SimpleSAML/Auth/Simple.php
@@ -104,7 +104,7 @@ class SimpleSAML_Auth_Simple {
 			$returnTo = SimpleSAML_Utilities::selfURL();
 		}
 
-		if ($keepPost && $_SERVER['REQUEST_METHOD'] === 'POST') {
+		if (is_string($returnTo) && $keepPost && $_SERVER['REQUEST_METHOD'] === 'POST') {
 			$returnTo = SimpleSAML_Utilities::createPostRedirectLink($returnTo, $_POST);
 		}
 
-- 
GitLab