
Commit 4e85c69

authored
Merge pull request #258 from LukasReschke/escape-error-messages
Escape error messages in debug mode
2 parents 80a6f46 + 21ca267 commit 4e85c69

4 files changed

Lines changed: 4 additions & 4 deletions


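--- a/lib/Saml2/LogoutRequest.php
+++ b/lib/Saml2/LogoutRequest.php
@@ -380,7 +380,7 @@ public function isValid($retrieveParametersFromServer = false)
 $this->_error = $e->getMessage();
 $debug = $this->_settings->isDebugActive();
 if ($debug) {
-echo $this->_error;
+echo htmlentities($this->_error);
 }
 return false;
 }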
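Review bot: The added `echo htmlentities($this->_error);` relies on the default flags and charset of `htmlentities()`, which differ between PHP versions: before PHP 8.1 the default is `ENT_COMPAT`, so single quotes pass through unescaped, and the charset depends on the PHP version and the `default_charset` setting. Passing both explicitly, `echo htmlspecialchars($this->_error, ENT_QUOTES, 'UTF-8');`, makes the escaping independent of the runtime. Where the supported PHP versions allow it, adding `ENT_SUBSTITUTE` also avoids the empty string returned when the message contains bytes that are invalid in that charset. The same applies to the matching added lines in LogoutResponse.php, Response.php and Utils.php. The body of isValid starts and ends outside this hunk, so how the exception message is built is not visible here.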

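--- a/lib/Saml2/LogoutResponse.php
+++ b/lib/Saml2/LogoutResponse.php
@@ -188,7 +188,7 @@ public function isValid($requestId = null, $retrieveParametersFromServer = false
 $this->_error = $e->getMessage();
 $debug = $this->_settings->isDebugActive();
 if ($debug) {
-echo $this->_error;
+echo htmlentities($this->_error);
 }
 return false;
 }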

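--- a/lib/Saml2/Response.php
+++ b/lib/Saml2/Response.php
@@ -402,7 +402,7 @@ public function isValid($requestId = null)
 $this->_error = $e->getMessage();
 $debug = $this->_settings->isDebugActive();
 if ($debug) {
-echo $this->_error;
+echo htmlentities($this->_error);
 }
 return false;
 }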
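Review bot: The added `echo htmlentities($this->_error);` carries no comment saying why the message is escaped, so a later cleanup could drop the call as redundant. I would add `// The exception text can include values taken from the received SAML message; escape it before printing.` directly above the echo, here and at the matching lines in the other three files. That the message can carry received values is inferred from the commit title, since the code that throws the exception lies outside this hunk.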

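--- a/lib/Saml2/Utils.php
+++ b/lib/Saml2/Utils.php
@@ -134,7 +134,7 @@ public static function validateXML($xml, $schema, $debug = false)
 
 if ($debug) {
 foreach ($xmlErrors as $error) {
-echo $error->message."\n";
+echo htmlentities($error->message."\n");
 }
 }
 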