Skip to content

Commit bbb3c1e

Browse files
pitbulkpitbulk
committed
Typo
1 parent 96dd9ef commit bbb3c1e

File tree

1 file changed

+1
-2
lines changed

1 file changed

+1
-2
lines changed

README.md

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,8 +12,7 @@ and supported by OneLogin Inc.
1212
Warning
1313
-------
1414

15-
Version 2.18.0 introduces the 'rejectUnsolicitedResponsesWithInResponseTo' setting parameter, by default disabled, that will allow invalidate unsolicited SAMLResponse. This version as well will reject SAMLResponse if requestId was provided to the validator but the SAMLResponse does not contain a InResponseTo attribute.
16-
as well as the 'destinationStrictlyMatches' parameter, by default disabled, that will force that the Destination URL should strictly match to the address that process the SAMLResponse.
15+
Version 2.18.0 introduces the 'rejectUnsolicitedResponsesWithInResponseTo' setting parameter, by default disabled, that will allow invalidate unsolicited SAMLResponse. This version as well will reject SAMLResponse if requestId was provided to the validator but the SAMLResponse does not contain a InResponseTo attribute. And an additional setting parameter 'destinationStrictlyMatches', by default disabled, that will force that the Destination URL should strictly match to the address that process the SAMLResponse.
1716

1817
Version 2.17.1 updates xmlseclibs to 3.0.4 (CVE-2019-3465), but php-saml was not directly affected since it implements additional checks that prevent to exploit that vulnerability.
1918

0 commit comments

Comments
 (0)