From 5dc18aeaf3f1e6793c52da4527e9765541704ee0 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Thu, 24 Jan 2008 12:21:02 +0000
Subject: [PATCH] SAML2:IdP:Metadata: Escape XML in metadata.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@191 44740490-163a-0410-bde0-09ae8108e29a
---
 www/saml2/idp/metadata.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/www/saml2/idp/metadata.php b/www/saml2/idp/metadata.php
index ce80d28e0..27f16507a 100644
--- a/www/saml2/idp/metadata.php
+++ b/www/saml2/idp/metadata.php
@@ -30,7 +30,7 @@ try {
 	
 	$metaxml = '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 	<EntityDescriptor xmlns:xsi="https://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
- entityID="' . $idpentityid . '">
+ entityID="' . htmlspecialchars($idpentityid) . '">
     <IDPSSODescriptor
         WantAuthnRequestsSigned="false"
         protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
@@ -38,7 +38,7 @@ try {
                 <KeyDescriptor use="signing">
                         <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                           <ds:X509Data>
-                                <ds:X509Certificate>' . $data . '</ds:X509Certificate>
+                                <ds:X509Certificate>' . htmlspecialchars($data) . '</ds:X509Certificate>
                         </ds:X509Data>
                   </ds:KeyInfo>
                 </KeyDescriptor>  
@@ -48,8 +48,8 @@ try {
         <!-- Logout endpoints -->
         <SingleLogoutService
             Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
-            Location="' . $metadata->getGenerated('SingleLogoutService', 'saml20-idp-hosted') . '"
-            ResponseLocation="' . $metadata->getGenerated('SingleLogoutService', 'saml20-idp-hosted') . '" 
+            Location="' . htmlspecialchars($metadata->getGenerated('SingleLogoutService', 'saml20-idp-hosted')) . '"
+            ResponseLocation="' . htmlspecialchars($metadata->getGenerated('SingleLogoutService', 'saml20-idp-hosted')) . '"
             index="0" 
             isDefault="true"
             />
@@ -61,7 +61,7 @@ try {
         <!-- AuthenticationRequest Consumer endpoint -->
         <SingleSignOnService
             Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
-            Location="' . $metadata->getGenerated('SingleSignOnService', 'saml20-idp-hosted') . '" 
+            Location="' . htmlspecialchars($metadata->getGenerated('SingleSignOnService', 'saml20-idp-hosted')) . '"
             index="0" 
             isDefault="true"
             />
-- 
GitLab