kkatpcc
Forum Replies Created
-
Forum: Plugins
In reply to: [WP SAML Auth] xmlseclibs vulnerability👍
Forum: Plugins
In reply to: [WP Cassify] Patch to start PHP session only when neededCan you send me a patch of all the modified files, indicating exactly where the changes have been made?
The lack of plugin updates — for proper PHP 8 support, and in general — have forced me to look for a different plugin/solution. Thus, I can’t justify the effort of submitting a formal patch at this point.
However, my first comment basically serves this purpose. Please feel free to work that logic into your plugin as you see fit.
Have you tested your patch with Gateway mode?
No, I do not use Gateway mode.
Overall, the comments from @partyka may indicate a better approach.
Forum: Plugins
In reply to: [WP Cassify] PHP 8 supportI can confirm the whitelist problem. A breaking change in how strrpos treats empty needle strings in PHP 8+ is causing WP_Cassify_Plugin::wp_cassify_is_in_while_list to bypass CAS auth by default. Details: https://github.com/php/php-src/issues/8582
Another quick fix is to wrap the explode in array_filter:
$white_list_urls = array_filter(explode( ';', $wp_cassify_redirect_url_white_list ));Thanks for taking care of this so quickly!