/top/
/new/
/best/
/ask/
/show/
/job/
^
slacker news
login
about
←back to thread
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
(github.blog)
312 points
campuscodi
| 1 comments |
15 Mar 25 19:06 UTC
|
HN request time: 0s
|
source
Show context
oncallthrow
◴[
15 Mar 25 19:16 UTC
]
No.
43374582
[source]
▶
>>43374519 (OP)
#
XML is to authentication bypasses what C is to buffer overflow attacks
replies(4):
>>43374583
#
>>43374813
#
>>43375202
#
>>43375808
#
dietr1ch
◴[
15 Mar 25 19:57 UTC
]
No.
43374813
[source]
▶
>>43374582
#
Sad that XML has too many features for an otherwise somewhat nice, but verbose markup language.
replies(2):
>>43374910
#
>>43374941
#
1.
bawolff
◴[
15 Mar 25 20:26 UTC
]
No.
43374941
[source]
▶
>>43374813
#
Some of it isn't explicitly XML's fault (although it doesn't help). SAML and especially XMLSignature are terrible standards even in ways that dont involve xml.
ID:
GO
↑