Hi, I just merged the PR, but this targets the master branch (v4) which will be a new major stream (not backward compatible with 3.x). I asked Jason to open the same PR for the 3.8.x branch. Thanks. Best regards, Jérôme
Le ven. 12 juil. 2019 à 00:58, larry mccay <[email protected]> a écrit : > Hi Jason - > > Thank you for tracking this down and providing a PR for it! > I've commented on the PR itself and am copying Jérôme on this thread. > > @Jérôme - Heads up - we are currently on 3.7 and will need to get a > version with this fix, I think. > > Thanks again, Jason! > > --larry > > On Thu, Jul 11, 2019 at 6:53 PM Jason Wang <[email protected]> > wrote: > >> Hi folks, >> >> Here's a pac4j bug that effects Knox use cases: >> >> Any query parameter(s) set in an idp-metadata file, as part of the >> HTTP-Redirect Location, are dropped from the resulting URL. For example, >> if >> this was in your idp-metadata file, the query parameter 'qp' would not >> appear in the resulting URL: >> >> <md:SingleSignOnService >> Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location=" >> http://some-host/some-path?qp=thisWouldBeDropped"/> >> >> Here's the PR: https://github.com/pac4j/pac4j/pull/1339 >> >> Thanks, >> Jason >> >
