New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Samesite patch #1276
Closed
jeremyfrench
wants to merge
29
commits into
simplesamlphp:simplesamlphp-1.16
from
jeremyfrench:samesite_patch
Closed
Samesite patch #1276
jeremyfrench
wants to merge
29
commits into
simplesamlphp:simplesamlphp-1.16
from
jeremyfrench:samesite_patch
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Update config.php Update header.php
`stream_context_create` functionality is handled with HTTP::fetch()
In the ldap-code, search.attributes can be either a string (single attribute) or an array of attributes... The negotiate attr-setting is equal to search.attributes, but was handled differently (as merely a string)
Ignore the enable file in modules
The former is no longer online.
…php.org. The text is not 100% accurate but this is what I can quickly do without invalidating translations and at least it avoids a link to a TLS cert error from SSP's front page.
This setting had to be an absolute path before.. This change is backwards compatible (absolute paths still work)
CREATE TABLE may return 0 on some DBMS, but false is always an indicator something's wrong
…ent language. Also search for "en" as a final fallback language to find a displayable name should such a name not be found in the current language and the default language.
Items in $warnings should either be a string or an array with two values
Thanks @jeremyfrench! No, there's no ongoing work on 1.16. In general, once we release a new branch, we end support for previous branches. Sometimes we might make exceptions, especially wrt security fixes, but this is not the case. Note also that there are two minor versions newer than the one you are running, and that critical security issues have been fixed since, so you should really update now. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I'm not sure if there is any ongoing work on the 1.16 branch, but I needed to get same site cookies on it and can't upgrade just yet.
I thought I'd raise a PR, so even if closed anyone else who needed this can take the patch.