From 9e6a66e87cabab1997262317dbb1b66313dbeb62 Mon Sep 17 00:00:00 2001
From: briskt <3172830+briskt@users.noreply.github.com>
Date: Tue, 16 Jul 2024 15:08:03 -0600
Subject: [PATCH 1/3] set trusted.url.domains using an environment variable

---
 dockerbuild/config/config.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/dockerbuild/config/config.php b/dockerbuild/config/config.php
index 98b32d0..d807e63 100644
--- a/dockerbuild/config/config.php
+++ b/dockerbuild/config/config.php
@@ -71,6 +71,7 @@
 $PASSWORD_CHANGE_URL = Env::get('PASSWORD_CHANGE_URL');
 $PASSWORD_FORGOT_URL = Env::get('PASSWORD_FORGOT_URL');
 $HELP_CENTER_URL = Env::get('HELP_CENTER_URL');
+$TRUSTED_URL_DOMAINS = Env::getArray('TRUSTED_URL_DOMAINS', null);
 
 $config = [
 
@@ -323,7 +324,7 @@
      * Example:
      *   'trusted.url.domains' => ['sp.example.com', 'app.example.com'],
      */
-    'trusted.url.domains' => null,
+    'trusted.url.domains' => $TRUSTED_URL_DOMAINS,
 
     /*
      * Enable regular expression matching of trusted.url.domains.

From 355158409b8194c9c2bc2c545febdc59b3be469b Mon Sep 17 00:00:00 2001
From: briskt <3172830+briskt@users.noreply.github.com>
Date: Tue, 16 Jul 2024 15:30:40 -0600
Subject: [PATCH 2/3] add `TRUSTED_URL_DOMAINS` to the local.env.dist file
 [skip ci]

---
 local.env.dist | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/local.env.dist b/local.env.dist
index c09c0e9..a3a695e 100644
--- a/local.env.dist
+++ b/local.env.dist
@@ -85,3 +85,6 @@ TRUSTED_IP_ADDRESSES=
 # See "https://developers.google.com/recaptcha/docs/faq" for test key/secret.
 RECAPTCHA_SITE_KEY=
 RECAPTCHA_SECRET=
+
+# A comma-separated list of domains trusted for redirect. Should include, at a minimum, all logout redirect URL domains.
+TRUSTED_URL_DOMAINS=

From ae1a6a1487114826da56079db1a073c978c14870 Mon Sep 17 00:00:00 2001
From: briskt <3172830+briskt@users.noreply.github.com>
Date: Tue, 16 Jul 2024 15:51:58 -0600
Subject: [PATCH 3/3] give empty array as the default for trusted.url.domains

---
 dockerbuild/config/config.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dockerbuild/config/config.php b/dockerbuild/config/config.php
index d807e63..05cc948 100644
--- a/dockerbuild/config/config.php
+++ b/dockerbuild/config/config.php
@@ -8,8 +8,8 @@
 
 use Sil\PhpEnv\Env;
 use Sil\PhpEnv\EnvVarNotFoundException;
-use SimpleSAML\Utils;
 use SimpleSAML\Module\material\MaterialController;
+use SimpleSAML\Utils;
 
 $httpUtils = new Utils\HTTP();
 
@@ -71,7 +71,7 @@
 $PASSWORD_CHANGE_URL = Env::get('PASSWORD_CHANGE_URL');
 $PASSWORD_FORGOT_URL = Env::get('PASSWORD_FORGOT_URL');
 $HELP_CENTER_URL = Env::get('HELP_CENTER_URL');
-$TRUSTED_URL_DOMAINS = Env::getArray('TRUSTED_URL_DOMAINS', null);
+$TRUSTED_URL_DOMAINS = Env::getArray('TRUSTED_URL_DOMAINS', []);
 
 $config = [