Commit 48c0ce17 authored by Lukas Haemmerle's avatar Lukas Haemmerle
Browse files

Added resilience to comments in metadata files as described in #3744

parent a62b8c0a
......@@ -41,6 +41,8 @@ SWITCHwayf Version History
web server environment variable to allow multi-tenant
deployments. Code provided by Guillaume Rousse.
- Various other improvements suggested by Guillaume Rousse.
- Added code to readMetadata.php to ignore comments
Contributed by Chris Philips
- Updated JQuery to v3.2.1
- Hide IdPs also from category Last Used IdP
- Made Javascript less prone to conflicts thanks to
......@@ -275,6 +277,7 @@ alphabetically.
- Nicolas Dunand from Université Lausanne (CH)
- Michael R. Gettes from Internet2 (US)
- Christian Glahn, HTW Chur (CH)
- Chris Philips, Canarie (CA)
- Nuno Gonçalves from FCCN (PT)
- Florent Guilleux from CRU (FR)
- Guillaume Rousse from RENATER (FR)
......@@ -218,6 +218,36 @@ function parseMetadata($metadataFile, $defaultLanguage){
// Go to first element and check it is named 'EntitiesDescriptor'
// If not it's probably not a valid SAML metadata file
// Often there are comments at the beginning of the metadata,
// this will eat/skip a max #(3) of comments and then hit the
// evaluation of the EntitiesDescriptor tweak if necessary
while ($CurrentXMLReaderNode->localName == '#comment') {
// Always have an way to punch out of a while loop & inform the user why
if ($commentCount++ >=$maxCommentCount){
$errorMsg= 'This file has exceeded the max # comments of'. $maxCommentCount;
$errorMsg .=' XML comments before an EntityDescriptor. Are you sure this is a well formed Metadata file?';
if (isRunViaCLI()){
echo $errorMsg."\n";
} else {
return Array(false, false);
// If we arrive here, we have read the first node at very
// least and if it's not a comment, it should be an
// EntityDescriptor
// If it WAS 1 or more comments, we will have eaten then up
// and the NEXT read will have occurred
// If this next read of the XML nodes is NOT an
// EntitiesDescriptor, (note the plural), we should fail.
// If the next read of the XML nodes IS an
// EntitiesDescriptor, we should proceed stead of 'read again'
if ($CurrentXMLReaderNode->localName !== 'EntitiesDescriptor') {
$errorMsg = 'Metadata file '.$metadataFile.' does not include a root node EntitiesDescriptor';
if (isRunViaCLI()){
......@@ -746,5 +776,3 @@ function hasHideFromDiscoveryEntityCategory($IDPRoleDescriptorNode){
return false;
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment