summaryrefslogtreecommitdiffstats
path: root/lib/SimpleSAML
diff options
context:
space:
mode:
authorJaime Perez Crespo <jaime.perez@uninett.no>2016-03-03 12:00:41 +0100
committerJaime Perez Crespo <jaime.perez@uninett.no>2016-03-03 12:00:41 +0100
commit9635fc06b5158d39bfd9c5e068c5d756207eb5ca (patch)
tree37ffa562d1bf5691b8001db5c3634bcb0726024c /lib/SimpleSAML
parentcbd20f6dfeed607b7b3e3165a42c0826ffc73915 (diff)
downloadsimplesamlphp-9635fc06b5158d39bfd9c5e068c5d756207eb5ca.zip
simplesamlphp-9635fc06b5158d39bfd9c5e068c5d756207eb5ca.tar.gz
simplesamlphp-9635fc06b5158d39bfd9c5e068c5d756207eb5ca.tar.bz2
Bugfix: there's a couple of places in SimpleSAML\Utils\HTTP where we should use the host AND port if the latter is not the default one, but we are only using the host. These are the case for evaluating the 'trusted.url.domains' configuration options (we should allow the host and port we are reachable in, but not other ports in the same host) and the method that returns the host with path, which should include the port if that's not standard (the documentation of the method already says so).
Diffstat (limited to 'lib/SimpleSAML')
-rw-r--r--lib/SimpleSAML/Utils/HTTP.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index 00946fc..12809c7 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -323,7 +323,7 @@ class HTTP
$hostname = $matches[1];
// add self host to the white list
- $self_host = self::getSelfHost();
+ $self_host = self::getSelfHostWithNonStandardPort();
$trustedSites[] = $self_host;
// throw exception due to redirection to untrusted site
@@ -642,7 +642,7 @@ class HTTP
$baseurl = explode("/", self::getBaseURL());
$elements = array_slice($baseurl, 3 - count($baseurl), count($baseurl) - 4);
$path = implode("/", $elements);
- return self::getSelfHost()."/".$path;
+ return self::getSelfHostWithNonStandardPort()."/".$path;
}