Remove the deprecated Strings::escapeTags, as we now rely on Smarty to catch HTML...

diff --git a/saml/saml.php b/saml/saml.php
index 4d12188802dd3359b491f00445f1f7aba4d88211..ffcdd9daad30da14b9d97e6abaac09c9c6c87823 100755 (executable)
--- a/saml/saml.php
+++ b/saml/saml.php
@@ -281,21 +281,19 @@ function saml_addon_admin(&$a, &$o)
 
 function saml_addon_admin_post(&$a)
 {
-       $safeset = function ($key) {
-               $val = (!empty($_POST[$key]) ? Strings::escapeTags(trim($_POST[$key])) : '');
+       $set = function ($key) {
+               $val = (!empty($_POST[$key]) ? trim($_POST[$key]) : '');
                DI::config()->set('saml', $key, $val);
        };
-       $safeset('idp_id');
-       $safeset('client_id');
-       $safeset('sso_url');
-       $safeset('slo_request_url');
-       $safeset('slo_response_url');
-       $safeset('sp_key');
-       $safeset('sp_cert');
-       $safeset('idp_cert');
-
-       // Not using safeset here since settings_statement is *meant* to include HTML tags.
-       DI::config()->set('saml', 'settings_statement', $_POST['settings_statement']);
+       $set('idp_id');
+       $set('client_id');
+       $set('sso_url');
+       $set('slo_request_url');
+       $set('slo_response_url');
+       $set('sp_key');
+       $set('sp_cert');
+       $set('idp_cert');
+       $set('settings_statement');
 }
 
 function saml_create_user($username, $email, $name)