/top/
/new/
/best/
/ask/
/show/
/job/
^
slacker news
login
about
←back to thread
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
(github.blog)
312 points
campuscodi
| 1 comments |
15 Mar 25 19:06 UTC
|
HN request time: 0.212s
|
source
1.
robmccoll
◴[
16 Mar 25 00:07 UTC
]
No.
43376034
[source]
▶
>>43374519 (OP)
#
Don't use SAML, mostly because it uses XMLDSig. Don't use XMLDSig because it's hard to get usefully right and easy to get dangerously wrong.
ID:
GO
↑