Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
cas_ldap_tokens() runs all values through check_plain(). When it encounters a binary value, such as a GUID / objectguid, you will get this error message:
Warning: htmlspecialchars(): Invalid multibyte sequence in argument in check_plain() (line 1545 of .../includes/bootstrap.inc).
The module should clean up strings which are not valid UTF-8 before running them through check_plain().
Comment | File | Size | Author |
---|---|---|---|
#1 | cas_attributes_1929418_clean_binary.patch | 1.58 KB | Liam Morland |
Comments
Comment #1
Liam MorlandFixed attached.
Comment #2
lily_yanhong CreditAttribution: lily_yanhong commentedI did test. It works for me. Thanks, Liam
Comment #3
Olarin CreditAttribution: Olarin commentedThanks for submitting a patch. It looks pretty clean, but if you'll forgive a stupid question or two before I commit it, since I don't use the cas_ldap sub-module myself - your patch is currently only addressing GUIDs, and it's assuming any non-utf8-valid data of 32 characters is a GUID. Is there any other sort of binary data that might commonly be coming thru in an LDAP attribute that we should potentially be addressing while we're at it?
Comment #4
Liam MorlandYes, it does make the assumption that any 32 character binary data can be formatted as a GUID. Currently, such data is replaced with empty string, so it's broken anyway. I don't know of any 32 character binary data besides a GUID which would be likely to come from LDAP.
The formatting part could be left out and that would still allow the binary data to be available and avoid the error message. Formatting means GUIDs look like they do in most other interfaces. It could check the name of the field and only format a GUID fields.
Comment #5
bfroehle CreditAttribution: bfroehle commentedAn alternative approach, of course, would be to add token mechanism to do the conversion --- for example something like
[cas:ldap:guid:guid_to_string]
.Comment #6
bfroehle CreditAttribution: bfroehle commentedProbably should also follow the discussion at #1533492: LDAP *: Need method for dealing with binary attributes, since we inherently rely upon Drupal's LDAP module to fetch the data. If they had proper support for binary attributes we could properly support them here.
Comment #7
Liam MorlandMakes sense. In the meantime, any binary attribute will be turned into the empty string and an warning message will be raised, even if PHP's display_errors is turned off. Because of this, at least bin2hex() should be called on data that doesn't pass drupal_validate_utf8().
Comment #8
bfroehle CreditAttribution: bfroehle commentedYes, I agree!
Comment #10
Liam MorlandThe errors causing the test to fail are inside the phpCAS library, not in the CAS Attributes module, so this patch is still ready to be committed.
Comment #11
DamienMcKennaComment #13
yalet CreditAttribution: yalet commentedCommitted.