You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
If you set 'logging.level' => SimpleSAML\Logger::DEBUG, PHP generates warnings at the bottom of the page/XML, like this:
Warning: session_name(): Cannot change session name when headers already sent in /var/www/simplesamlphp/lib/SimpleSAML/SessionHandlerPHP.php on line 72
To Reproduce
Steps to reproduce the behavior:
Run PHP >= 7.2
Set loglevel to debug
Enable SAML2 IDP in your config
Navigate to /simplesaml/saml2/idp/metadata.php?output=xhtml
Screenshots or logs
(I removed [Thu Jul 18 13:10:09.863068 2019] [php7:notice] [pid 17] [client 172.17.0.2:49774] simplesamlphp from the begining of each line)
There are previous closed issues with similar reports, like #1092 , #1006 .
It seems that the flush function in lib/SimpleSAML/Logger.php tries to create a session, and on pages that don't use sessions this causes the sending of headers after output is already sent.
I'm not if sure this is the root cause, there could be a problem with the log handler or somewhere else in the session handling.
A possible solution I found (suggested by @dbollaer) is checking for a session before, in the defer funcion (which causes the call of flush later):
diff --git a/lib/SimpleSAML/Logger.php b/lib/SimpleSAML/Logger.php
index c18276ec..410de5be 100644
--- a/lib/SimpleSAML/Logger.php+++ b/lib/SimpleSAML/Logger.php@@ -335,6 +335,7 @@ class Logger
*/
private static function defer($level, $message, $stats)
{
+ // so that the headers are not sent by flush+ $session = \SimpleSAML\Session::getSessionFromRequest();
// save the message for later
self::$earlyLog[] = ['level' => $level, 'string' => $message, 'statsLog' => $stats];
I'm not well versed in SimpleSAML (or even PHP), but this fixed the warning for me.
The text was updated successfully, but these errors were encountered:
toth-dev
added a commit
to toth-dev/simplesamlphp
that referenced
this issue
Jul 31, 2019
Describe the bug
If you set
'logging.level' => SimpleSAML\Logger::DEBUG
, PHP generates warnings at the bottom of the page/XML, like this:Warning: session_name(): Cannot change session name when headers already sent in /var/www/simplesamlphp/lib/SimpleSAML/SessionHandlerPHP.php on line 72
To Reproduce
Steps to reproduce the behavior:
/simplesaml/saml2/idp/metadata.php?output=xhtml
From my comment on #1092 , see the Dockerfile:
Expected behavior
There should be no warning.
Screenshots or logs
(I removed
[Thu Jul 18 13:10:09.863068 2019] [php7:notice] [pid 17] [client 172.17.0.2:49774] simplesamlphp
from the begining of each line)Additional context
There are previous closed issues with similar reports, like #1092 , #1006 .
It seems that the
flush
function inlib/SimpleSAML/Logger.php
tries to create a session, and on pages that don't use sessions this causes the sending of headers after output is already sent.I'm not if sure this is the root cause, there could be a problem with the log handler or somewhere else in the session handling.
A possible solution I found (suggested by @dbollaer) is checking for a session before, in the
defer
funcion (which causes the call offlush
later):I'm not well versed in SimpleSAML (or even PHP), but this fixed the warning for me.
The text was updated successfully, but these errors were encountered: