Release 3.5.2 #399

Merged
merged 24 commits into from
Feb 28, 2018
2e2aa06
Fixed get_avatar hooked function to account for other user identifier…
joshcanhelp Jan 25, 2018
e406cf4
Added field render function and fixed validation for migration IPs, f…
joshcanhelp Jan 24, 2018
b197db6
Fixing XSS vulnerability in error_description; fixes #381
joshcanhelp Jan 29, 2018
1bd0c05
Adding all options and transients to delete; fixed #322
joshcanhelp Jan 30, 2018
aed2c0e
fixing wrong title and icon displayed when a widget is added with a s…
joshcanhelp Jan 24, 2018
66a34e7
Better error messages using the method name magic constant
joshcanhelp Jan 24, 2018
37a128a
Better empty default for error log array; docblock; fixes #285
joshcanhelp Jan 24, 2018
5ad1270
Refactoring WP_Auth0_Api_Client::create_client() for better default U…
joshcanhelp Jan 29, 2018
e606f40
Removed client grant success message in log for initial setup; fixed …
joshcanhelp Jan 31, 2018
f10e2be
adjusting no protocol to null
joshcanhelp Feb 2, 2018
a226f9c
incorrect closing tag
joshcanhelp Jan 29, 2018
fa66c66
Fixed non-static method convertCertToPem called statically; fixes #380
joshcanhelp Jan 30, 2018
cc99216
Fixing user migration setting validation throwing errors. Fixes #374
joshcanhelp Jan 30, 2018
c28fcec
complete changelog in readme.txt pointing to github CHANGELOG
joshcanhelp Jan 31, 2018
87db497
better documentation on deprecated functions
joshcanhelp Feb 8, 2018
bcf881c
removed changelog entries older than 3.x; reverted convertCertToPem d…
joshcanhelp Feb 8, 2018
dda8c11
renaming previous-deprecated function
joshcanhelp Feb 8, 2018
e661d6c
fixing Lock options sending an incorrect responseType, preventing SSO…
joshcanhelp Feb 8, 2018
29f3db1
removing outdated screenshot; updating repo readme to remove hook doc…
joshcanhelp Feb 8, 2018
c46a264
removing duplicate documentation that exists on the WP.org readme
joshcanhelp Feb 8, 2018
e97e273
fixing boolval() and array shorthand
joshcanhelp Feb 16, 2018
88d5fd2
adding PHP requirement of 5.3
joshcanhelp Feb 19, 2018
8b42a99
Release 3.5.2
joshcanhelp Feb 16, 2018
16f75ab
Changelog additions
joshcanhelp Feb 27, 2018
Fixing XSS vulnerability in error_description; fixes #381
joshcanhelp committed Jan 29, 2018
commit b197db6d99cc9c2fe97f02741a4819843555c3ba
4 changes: 2 additions & 2 deletions lib/WP_Auth0_LoginManager.php
Expand Up @@ -198,11 +198,11 @@ public function redirect_login() {
}

if ( $this->query_vars( 'error_description' ) !== null && $this->query_vars( 'error_description' ) !== '' ) {
throw new WP_Auth0_LoginFlowValidationException( $this->query_vars( 'error_description' ) );
throw new WP_Auth0_LoginFlowValidationException( sanitize_text_field( $this->query_vars( 'error_description' ) ) );
}

if ( $this->query_vars( 'error' ) !== null && trim( $this->query_vars( 'error' ) ) !== '' ) {
throw new WP_Auth0_LoginFlowValidationException( $this->query_vars( 'error' ) );
throw new WP_Auth0_LoginFlowValidationException( sanitize_text_field( $this->query_vars( 'error' ) ) );
}

$code = $this->query_vars( 'code' );
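Review bot: In both changed throw lines of redirect_login(), sanitize_text_field() is applied where the query value is read, but this hunk does not show where the exception message is written into the page, and that output point is where the escaping belongs. sanitize_text_field() strips tags and normalizes whitespace, which covers tag injection into an HTML body, but it is not escaping for an attribute or script context. I would also escape at the render site (esc_html() or the function matching the output context) so that any other path into WP_Auth0_LoginFlowValidationException is covered. Minor: the error_description condition compares against '' without trim() while the error condition trims, so a whitespace-only error_description still throws, with a message that is empty once sanitized. Each value is also read through query_vars() three times; a local variable would make it obvious that the check and the throw use the same value.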