diff --git a/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php b/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php
index 828c5bc07664008a85c8d3f9efd199c115872f13..3e9775ad2e92aff57ec605a5c3be59a1de4016ee 100644
--- a/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php
+++ b/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php
@@ -135,7 +135,21 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
 			throw new Exception('SAMLRequest parameter not set in paramter (on SAML 2.0 HTTP Redirect binding endpoint)');
 		}
 		$rawRequest = 	$get["SAMLRequest"];
-		$relaystate = isset($get["RelayState"]) ? $get["RelayState"] : null;
+		/* We don't need to remove any magic quotes from the
+		 * SAMLRequest parameter since this parameter is guaranteed
+		 * to be base64-encoded.
+		 */
+
+		/* Check if a RelayState was provided with the request. */
+		if(array_key_exists('RelayState', $get)) {
+			$relaystate = $get['RelayState'];
+			/* Remove any magic quotes that php may have added. */
+			if(get_magic_quotes_gpc()) {
+				$relaystate = stripslashes($relaystate);
+			}
+		} else {
+			$relaystate = NULL;
+		}
 		
 		$samlRequestXML = gzinflate(base64_decode( $rawRequest ));
          
@@ -157,7 +171,21 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
 			throw new Exception('SAMLResponse parameter not set in paramter (on SAML 2.0 HTTP Redirect binding endpoint)');
 		}
 		$rawRequest = 	$get["SAMLResponse"];
-		$relaystate = isset($get["RelayState"]) ? $get["RelayState"] : null;
+		/* We don't need to remove any magic quotes from the
+		 * SAMLResponse parameter since this parameter is guaranteed
+		 * to be base64-encoded.
+		 */
+
+		/* Check if a RelayState was provided with the request. */
+		if(array_key_exists('RelayState', $get)) {
+			$relaystate = $get['RelayState'];
+			/* Remove any magic quotes that php may have added. */
+			if(get_magic_quotes_gpc()) {
+				$relaystate = stripslashes($relaystate);
+			}
+		} else {
+			$relaystate = NULL;
+		}
 		
 		$samlRequestXML = gzinflate(base64_decode( $rawRequest ));
          
diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php
index 778608e5475fb5d3f1b6bedc19906b5c3400455d..f1e53e7bd4d39a9fa8e12126040bb2f7f587eccf 100644
--- a/www/saml2/idp/SingleLogoutService.php
+++ b/www/saml2/idp/SingleLogoutService.php
@@ -75,6 +75,10 @@ if ($spentityid) {
 		$relayState = SimpleSAML_Utilities::selfURL();
 		if (isset($_GET['RelayState'])) {
 			$relayState = $_GET['RelayState'];
+			/* Remove any magic quotes that php may have added. */
+			if(get_magic_quotes_gpc()) {
+				$relayState = stripslashes($relayState);
+			}
 		}
 		
 		//$request, $remoteentityid, $relayState = null, $endpoint = 'SingleLogoutService', $direction = 'SAMLRequest', $mode = 'SP'
@@ -122,6 +126,10 @@ try {
 	$relayState = SimpleSAML_Utilities::selfURL();
 	if (isset($_GET['RelayState'])) {
 		$relayState = $_GET['RelayState'];
+		/* Remove any magic quotes that php may have added. */
+		if(get_magic_quotes_gpc()) {
+			$relayState = stripslashes($relayState);
+		}
 	}
 	
 	//$request, $remoteentityid, $relayState = null, $endpoint = 'SingleLogoutService', $direction = 'SAMLRequest', $mode = 'SP'