aboutsummaryrefslogtreecommitdiff
path: root/id/server/data
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2020-08-31 10:22:11 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2020-08-31 10:22:11 +0200
commite10256fe93208ef786d2e38a68a98e2548d501ee (patch)
treea5c1c97936cdd635db7a24164f796be6be5413ee /id/server/data
parentc4633dffe99d4cc41e25fe165b6b8b5013ea34bd (diff)
downloadmoa-id-spss-e10256fe93208ef786d2e38a68a98e2548d501ee.tar.gz
moa-id-spss-e10256fe93208ef786d2e38a68a98e2548d501ee.tar.bz2
moa-id-spss-e10256fe93208ef786d2e38a68a98e2548d501ee.zip
fix SSRF bug in SAML1 parameter validator
Diffstat (limited to 'id/server/data')
-rw-r--r--id/server/data/deploy/conf/moa-id/moa-id.properties3
1 files changed, 2 insertions, 1 deletions
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index beeab5375..ba883d1a1 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -19,7 +19,8 @@ configuration.moaconfig.key=ConfigurationEncryptionKey
configuration.ssl.validation.revocation.method.order=ocsp,crl
general.moaidmode.active=true
#configuration.ssl.validation.hostname=false
-#configuration.validate.authblock.targetfriendlyname=true<
+#configuration.validate.authblock.targetfriendlyname=true
+#configuration.validate.saml1.parameter.strict=true
#MOA-ID 3.x Monitoring Servlet