catalyst / moodle-auth_saml2

SAML done 100% in Moodle, fast, simple, secure
https://moodle.org/plugins/auth_saml2

Avoid using $_GET in new code #727

Closed danielcifuentesopen closed 2 years ago

danielcifuentesopen commented 2 years ago

In the latest auth_saml2 plugin version (2022083100), there is a file (saml2/.extlib/simplesamlphp/modules/adfs/www/idp/prp.php) in which `$_GET` is used. Following this documentation https://docs.moodle.org/dev/Security#Don't_trust_any_input_from_users, this may be a security issue. It is recommended to use `required_param()` or `optional_param()` instead.
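The contrast the issue is drawing, as an added example (not code from auth_saml2 or simplesamlphp): a raw `$_GET` read beside the Moodle `required_param()` / `optional_param()` idiom, which cleans the value to a declared `PARAM_*` type. It assumes a Moodle page script where `config.php` has been included (the relative path is an assumption), since those functions and constants only exist once Moodle's core is loaded.

```php
<?php
// Added example, not from the plugin or the bundled library.
// Assumption: this runs as a Moodle page script, so config.php is reachable.
require_once(__DIR__ . '/../../config.php');

// Pattern flagged in the issue: the superglobal is read directly, so the
// value keeps whatever type and content the client sent (string, array,
// markup) and every later use has to re-validate it.
$rawid = isset($_GET['id']) ? $_GET['id'] : 0;

// Moodle idiom: each parameter is read once through the API with an explicit
// type, and clean_param() coerces it to that type before it reaches page logic.
// required_param() stops the request with an error page if 'id' is absent.
$id = required_param('id', PARAM_INT);                 // cast to int; 'abc' becomes 0

// optional_param() supplies the default when the parameter is missing.
$action   = optional_param('action', 'view', PARAM_ALPHA);      // letters only
$wantsurl = optional_param('wantsurl', '', PARAM_LOCALURL);     // site-local URLs only

// Because the functions above are Moodle core, a library that ships its own
// request handling (as simplesamlphp does) cannot call them and must rely on
// its own input validation instead.
```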

danmarsden commented 2 years ago

That file isn't Moodle code. It's an external library included in this code (simplesamlphp) - external libraries follow their own guidelines and don't have access to moodle apis like optional/required_param.

Thanks!