by mdaniel 455 days ago
> "I don't need a full XML parser, I just need this little piece of data! Let's keep things lightweight. This can just be a regex..."

relevant:

> ruby-saml was using two different XML parsers during the code path of signature verification. Namely, REXML and Nokogiri

where "REXML" does exactly what you described, and hilarity ensued

Sign in as anyone: Bypassing SAML SSO authentication with parser differentials - https://news.ycombinator.com/item?id=43374519 - March 2025 (126 comments)