Remove the deprecated Strings::escapeTags, as we now rely on Smarty to catch HTML tags.
parent
026767d07e
commit
c6aa212ea4
|
@ -281,21 +281,19 @@ function saml_addon_admin(&$a, &$o)
|
||||||
|
|
||||||
function saml_addon_admin_post(&$a)
|
function saml_addon_admin_post(&$a)
|
||||||
{
|
{
|
||||||
$safeset = function ($key) {
|
$set = function ($key) {
|
||||||
$val = (!empty($_POST[$key]) ? Strings::escapeTags(trim($_POST[$key])) : '');
|
$val = (!empty($_POST[$key]) ? trim($_POST[$key]) : '');
|
||||||
DI::config()->set('saml', $key, $val);
|
DI::config()->set('saml', $key, $val);
|
||||||
};
|
};
|
||||||
$safeset('idp_id');
|
$set('idp_id');
|
||||||
$safeset('client_id');
|
$set('client_id');
|
||||||
$safeset('sso_url');
|
$set('sso_url');
|
||||||
$safeset('slo_request_url');
|
$set('slo_request_url');
|
||||||
$safeset('slo_response_url');
|
$set('slo_response_url');
|
||||||
$safeset('sp_key');
|
$set('sp_key');
|
||||||
$safeset('sp_cert');
|
$set('sp_cert');
|
||||||
$safeset('idp_cert');
|
$set('idp_cert');
|
||||||
|
$set('settings_statement');
|
||||||
// Not using safeset here since settings_statement is *meant* to include HTML tags.
|
|
||||||
DI::config()->set('saml', 'settings_statement', $_POST['settings_statement']);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function saml_create_user($username, $email, $name)
|
function saml_create_user($username, $email, $name)
|
||||||
|
|
Loading…
Reference in New Issue