Set form-action for SAML Discovery Protocol URL (#1478)
This commit is contained in:
parent
c5f9a7f95b
commit
13320e64a9
|
@ -754,6 +754,17 @@ sub sendHtml {
|
||||||
"Set CSP form-action with request URL: " . $req->{cspFormAction} );
|
"Set CSP form-action with request URL: " . $req->{cspFormAction} );
|
||||||
$csp .= " " . $req->{cspFormAction};
|
$csp .= " " . $req->{cspFormAction};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Set SAML Discovery Protocol in form-action
|
||||||
|
# See https://github.com/w3c/webappsec-csp/issues/8
|
||||||
|
if ( $self->conf->{samlDiscoveryProtocolActivation}
|
||||||
|
and defined $self->conf->{samlDiscoveryProtocolURL} )
|
||||||
|
{
|
||||||
|
$self->logger->debug(
|
||||||
|
"Add SAML Discovery Protocol URL in CSP form-action");
|
||||||
|
|
||||||
|
$csp .= " " . $self->conf->{samlDiscoveryProtocolURL};
|
||||||
|
}
|
||||||
$csp .= ';';
|
$csp .= ';';
|
||||||
|
|
||||||
# Deny using portal in frame except if it is required
|
# Deny using portal in frame except if it is required
|
||||||
|
|
Loading…
Reference in New Issue
Block a user