Special characters are not properly XML-encoded #179

@hobzcalvin

If my ACS URL is http://foobar.com/saml/connect/?someparam=baz&another=bing the XML generated by the library will be of the form:

<samlp:AuthnRequest
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="ONELOGIN_b59b8f4a13f6f86bb14230429abd724e5fa80c96"
    Version="2.0"
    IssueInstant="2017-01-19T00:32:06Z"
    Destination="https://foobar-dev.onelogin.com/trust/saml2/http-post/sso/123456"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    AssertionConsumerServiceURL="http://foobar.com/saml/connect/?someparam=baz&another=bing"
    >
    <saml:Issuer>http://127.0.0.1:8000/</saml:Issuer>
</samlp:AuthnRequest>

which is not valid XML. The & in the ACS URL must be quoted as &amp;
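
The failure described in this report and the escaping that avoids it, as an added example that is not part of the original issue and is not the library's own code. The template is a reduced form of the request shown above, and the function names `build_unescaped`, `build_escaped` and `parsed_acs` are hypothetical.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape, quoteattr

# Reduced form of the AuthnRequest in the report (assumption: the library's
# real template is not shown on the page). %s slots take the ACS URL
# attribute and the Issuer text.
TEMPLATE = (
    '<samlp:AuthnRequest'
    ' xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"'
    ' xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"'
    ' Version="2.0"'
    ' AssertionConsumerServiceURL=%s>'
    '<saml:Issuer>%s</saml:Issuer>'
    '</samlp:AuthnRequest>'
)


def build_unescaped(acs_url, issuer):
    """Interpolate the raw values, reproducing the reported behaviour."""
    return TEMPLATE % ('"%s"' % acs_url, issuer)


def build_escaped(acs_url, issuer):
    """Escape each value for the XML context it lands in."""
    # quoteattr() escapes &, < and > and picks a safe quote character for
    # an attribute value; escape() covers element text.
    return TEMPLATE % (quoteattr(acs_url), escape(issuer))


def parsed_acs(xml_text):
    """Return the ACS URL as a parser sees it, or None if not well-formed."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return None
    return root.get("AssertionConsumerServiceURL")


if __name__ == "__main__":
    acs = "http://foobar.com/saml/connect/?someparam=baz&another=bing"
    issuer = "http://127.0.0.1:8000/"
    print("unescaped parses to:", parsed_acs(build_unescaped(acs, issuer)))
    print("escaped parses to:  ", parsed_acs(build_escaped(acs, issuer)))
```

Parsing the generated request back and comparing the attribute with the configured URL is a cheap regression check for any setting that is interpolated into SAML XML.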
