Skip to content
Snippets Groups Projects
Commit 71c45291 authored by Olav Morken's avatar Olav Morken
Browse files

casserver: Be a little more paranoid when parsing the request URL. 

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2290 44740490-163a-0410-bde0-09ae8108e29a
parent 230f6447
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
modules/casserver/www/cas.php
+ 6
2
View file @ 71c45291
...@@ -8,6 +8,10 @@ ...@@ -8,6 +8,10 @@
*/ */
list($function) = preg_split('/[\/?]/', $_SERVER['PATH_INFO'], 0, PREG_SPLIT_NO_EMPTY); $validFunctions = array('login', 'validate', 'serviceValidate');
$function = substr($_SERVER['PATH_INFO'], 1);
if (!in_array($function, $validFunctions, TRUE)) {
throw new SimpleSAML_Error_NotFound('Not a valid function for cas.php.');
}
include($function.".php"); include($function.".php");
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment