From db671f0a8c4b3ab557921ad22e00579404011013 Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Sat, 11 Jun 2022 16:56:25 +0200
Subject: [PATCH] Harden www-scripts

---
 www/_include.php |  2 ++
 www/index.php    | 10 +++++++---
 www/logout.php   | 15 +++++++++++----
 www/module.php   |  6 +++++-
 4 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/www/_include.php b/www/_include.php
index 3cbffa24a..cf3f99129 100644
--- a/www/_include.php
+++ b/www/_include.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 // initialize the autoloader
 require_once(dirname(dirname(__FILE__)) . '/src/_autoload.php');
 
diff --git a/www/index.php b/www/index.php
index a01831ec1..74feb0689 100644
--- a/www/index.php
+++ b/www/index.php
@@ -1,9 +1,13 @@
 <?php
 
+declare(strict_types=1);
+
+namespace SimpleSAML;
+
 require_once('_include.php');
 
-$config = \SimpleSAML\Configuration::getInstance();
-$httpUtils = new \SimpleSAML\Utils\HTTP();
+$config = Configuration::getInstance();
+$httpUtils = new Utils\HTTP();
 
-$redirect = $config->getOptionalString('frontpage.redirect', SimpleSAML\Module::getModuleURL('core/welcome'));
+$redirect = $config->getOptionalString('frontpage.redirect', Module::getModuleURL('core/welcome'));
 $httpUtils->redirectTrustedURL($redirect);
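Review bot: The context line `require_once('_include.php');` still uses a bare relative path, which PHP resolves through `include_path` before falling back to the calling script's directory, so the file that gets loaded depends on runtime configuration. Since this commit hardens the entry scripts, pinning it with `require_once(__DIR__ . '/_include.php');` would remove that dependency. The same line appears unchanged in the www/logout.php and www/module.php hunks.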
diff --git a/www/logout.php b/www/logout.php
index 5be736361..a9fa178cb 100644
--- a/www/logout.php
+++ b/www/logout.php
@@ -1,9 +1,17 @@
 <?php
 
+declare(strict_types=1);
+
+namespace SimpleSAML;
+
+use SimpleSAML\XHTML\Template;
+
+use function array_key_exists;
+
 require_once('_include.php');
 
-$config = \SimpleSAML\Configuration::getInstance();
-$httpUtils = new \SimpleSAML\Utils\HTTP();
+$config = Configuration::getInstance();
+$httpUtils = new Utils\HTTP();
 
 if (array_key_exists('link_href', $_REQUEST)) {
     $link = $httpUtils->checkURLAllowed($_REQUEST['link_href']);
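Review bot: `$_REQUEST['link_href']` is passed to `checkURLAllowed()` after only an `array_key_exists` check, so an array-valued request parameter reaches the call as a non-string. If `checkURLAllowed()` declares a string parameter (its signature is not visible here), that raises an uncaught `TypeError` instead of taking whatever default path the rest of the `if` block provides; that block continues outside this hunk. Guarding with `if (isset($_REQUEST['link_href']) && is_string($_REQUEST['link_href'])) {` keeps malformed input on the default path. The `link_text` check named in the next hunk's header appears to have the same shape and would want the same guard.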
@@ -17,8 +25,7 @@ if (array_key_exists('link_text', $_REQUEST)) {
     $text = '{logout:default_link_text}';
 }
 
-$t = new \SimpleSAML\XHTML\Template($config, 'logout.twig');
+$t = new Template($config, 'logout.twig');
 $t->data['link'] = $link;
 $t->data['text'] = $text;
 $t->send();
-exit();
diff --git a/www/module.php b/www/module.php
index ebdc6b19c..f59c2f05f 100644
--- a/www/module.php
+++ b/www/module.php
@@ -5,6 +5,10 @@
  * the process() handler in the Module class.
  */
 
+declare(strict_types=1);
+
+namespace SimpleSAML;
+
 require_once('_include.php');
 
-\SimpleSAML\Module::process()->send();
+Module::process()->send();
-- 
GitLab