From e10256fe93208ef786d2e38a68a98e2548d501ee Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 31 Aug 2020 10:22:11 +0200 Subject: fix SSRF bug in SAML1 parameter validator --- id/server/data/deploy/conf/moa-id/moa-id.properties | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'id/server/data/deploy') diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties index beeab5375..ba883d1a1 100644 --- a/id/server/data/deploy/conf/moa-id/moa-id.properties +++ b/id/server/data/deploy/conf/moa-id/moa-id.properties @@ -19,7 +19,8 @@ configuration.moaconfig.key=ConfigurationEncryptionKey configuration.ssl.validation.revocation.method.order=ocsp,crl general.moaidmode.active=true #configuration.ssl.validation.hostname=false -#configuration.validate.authblock.targetfriendlyname=true< +#configuration.validate.authblock.targetfriendlyname=true +#configuration.validate.saml1.parameter.strict=true #MOA-ID 3.x Monitoring Servlet -- cgit v1.2.3