Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • cesnet_simplesamlphp-1.19.8
  • elixir_simplesamlphp-1.19.8
  • simplesamlphp-1.19.8
  • cesnet_simplesamlphp-1.19.5
  • simplesamlphp-2.0
  • feature/assets
  • feature/rac-source-selector
  • cleanup/remove-base64-attributes
  • simplesamlphp-1.19
  • elixir_simplesamlphp-1.19.5
  • aarc_idp_hinting
  • feature/validate-authstate-before-processing
  • feature/build-two-tarballs
  • dependabot/composer/twig/twig-3.4.3
  • tvdijen-patch-1
  • unchanged-acs-url-no-www-script
  • feature/translation-improvements
  • symfony6
  • move_tests
  • v1.19.9
  • v2.1.3
  • v2.0.10
  • v2.1.2
  • v2.0.9
  • v2.1.1
  • v2.0.8
  • v2.1.0
  • v2.0.7
  • v2.1.0-rc1
  • v2.0.6
  • v2.0.5
  • 2.0.4-alpha.1
  • v2.0.4-alpha.1
  • v2.0.4
  • v2.0.3
  • v2.0.2
  • v2.0.1-alpha.1
  • v2.0.1
  • v1.19.8
40 results
Search by author
  • Any Author
  • Bohumír Maštalíř Bohumír Maštalíř mastalir
  • David Flor David Flor 493294
  • Jakub Kriš Jakub Kriš 182608
  • Jan Pavlíček Jan Pavlíček 469355
  • Jiří Prokop Jiří Prokop 525248
  • Marek Hlávka Marek Hlávka 484956
  • Martin Kuba Martin Kuba 3988
  • Matej Jošťák Matej Jošťák mixxo
  • Mgr. Radim Křivánek Mgr. Radim Křivánek radimkrivanek
  • Michal Berky Michal Berky 514063
  • Pavel Vyskočil Pavel Vyskočil 445753
  • Pavel Zlámal Pavel Zlámal 256627
  • Perun-GitLab Service Account Perun-GitLab Service Account 9045464
  • Peter Bolha Peter Bolha 485456
  • Peter Lényi Peter Lényi 256333
  • Přemysl Kala Přemysl Kala 47343
  • Rastislav Kruták Rastislav Kruták 492918
  • Šárka Palkovičová Šárka Palkovičová 492687
18 authors
  1. Oct 09, 2018
  3. Aug 22, 2018
  5. Aug 13, 2018
  7. May 31, 2018
  9. Jan 11, 2017
  11. Jan 10, 2017
  13. Jul 28, 2016
    • Jaime Pérez's avatar
      Remove debugging leftovers. · f261dfc1
      Jaime Pérez authored
      f261dfc1
    • Jaime Pérez's avatar
      bugfix: Allow attributes to contain raw XML as their values. · 977b8e86
      Jaime Pérez authored 
      A recent change in simplesamlphp/saml2#60 made the library return a DOMNodeList object when the contents of the AttributeValue element are not text. This lead to a bug, since the returned value is not serializable, and when storing it in the session it will go away as soon as we serialize the session to store it in the backend (whatever that is). This is always, as the SP will always redirect to the URL originating authentication. The result was an empty DOMNodeList object where there should be some value.

This commit makes the SimpleSAML_Session to implement the Serializable interface. When obtaining the attributes during login (doLogin() method), the code will now look for DOMNodeList objects, and dump them as a string with the XML representation of their contents in the 'RawAttributes' array inside $this->authData[$authority]. This allows us to parse the XML back when unserializing, and restore the original DOMNodeList object as the value of the attribute.

The issue was reported originally in the mailing list by Enrico Cavalli, affecting eduPersonTargetedID. This resolves #424.
      977b8e86
  15. Feb 05, 2016
  17. Jan 14, 2016
    • Hanne Moa's avatar
      Refactor SimpleSAML_XHTML_Template · d2759355
      Hanne Moa authored 
      A template now has a translator-object, SimpleSAML_Locale_Translate.
This handles the existing translation system.

The translator has a language-object, SimpleSAML_Locale_Language. This
handles discovery and switching of locale.

SimpleSAML_XHTML_Template has several methods that are wrapped
translator-methods:

t()
isLanguageRTL()
getLanguageList()
getTranslation()

This way it isn't necessary to change much of the existing system.
      d2759355
  19. Oct 21, 2014
  21. May 23, 2013
  23. Dec 12, 2011
  25. Jul 22, 2011
  27. Oct 25, 2010
  29. Oct 21, 2010
  31. Jul 29, 2010
    • Olav Morken's avatar
      templates/status: Fix cross-site scripting. · c7c8e778
      Olav Morken authored 
      If simpleSAMLphp is configured with a attribute hook that creates
attribute values containing associative arrays, and is displaying
attributes from an untrusted IdP, it can lead to cross-site scripting.

(Note that the feature allowing for attribute values with associative
arrays is believed to be unused, and will be removed in a future
release.)

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2434 44740490-163a-0410-bde0-09ae8108e29a
      c7c8e778
  33. Aug 28, 2009
  35. Jan 26, 2009
  37. Jan 13, 2009
  39. Oct 31, 2008
  41. Jul 02, 2008
  43. Mar 26, 2008
  45. Mar 25, 2008
  47. Feb 27, 2008
  49. Feb 15, 2008
  51. Jan 30, 2008
  53. Jan 28, 2008
  55. Dec 14, 2007
  57. Oct 21, 2007
  59. Oct 20, 2007
  61. Sep 14, 2007