Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
(github.blog) | 312 points | campuscodi | 1 comments | 15 Mar 25 19:06 UTC
oncallthrow [15 Mar 25 19:16 UTC] No. 43374582 >>43374519 (OP)
XML is to authentication bypasses what C is to buffer overflow attacks
replies(4): >>43374583 >>43374813 >>43375202 >>43375808
thayne [15 Mar 25 23:16 UTC] No. 43375808 >>43374582
XML could really benefit from a standardized subset that cuts out all the unnecessary features and security footguns.
replies(2): >>43376649 >>43380061
thayne [16 Mar 25 16:03 UTC] No. 43380061 >>43375808
GMarkup[1] is pretty close to what I had in mind. If only it was more prevalent and had an agreed upon standard.
[1]: https://docs.gtk.org/glib/markup.html