Deflating request when sending POST #241
Comments
|
If you you've believe you've found a bug, please add new test coverage which illustrates the case, if possible. |
|
Mhm, you can see the logic in provided links and I described the problem. Why do I need to implement a tests? |
|
I've hit this issue as well when |
|
Here is more information about it https://en.wikipedia.org/wiki/SAML_2.0#HTTP_Redirect_Binding
|
|
@sibelius It sounds like we might not be spec-compliant here, but this isn't a feature I use. Would you be interested in submitting a patch? @nkovalenko-sc To answer your question: Why do I need to implement a tests? Because this is a community-maintained open source project. No one here is paid to work on the project for you. If you've run into something that seems to be working not quite right for you, you are precisely the person with an incentive to fix it. Automated tests help insure the correctness of the code changes. (In this case, @sibelius has also run into the issue, so perhaps @sibelius will contribute a patch. |
|
When using the compression should indeed not kick in. |
Hi. I have a problem with
skipRequestCompressionparameter.If it's set to
falsethen script (https://github.com/bergie/passport-saml/blob/master/lib/passport-saml/saml.js#L433) deflates request and sends deflated and base64 encoded request using POST (https://github.com/bergie/passport-saml/blob/master/lib/passport-saml/saml.js#L417).But deflating must be used only when sending HTTP-Redirecting GET request regarding SAML documentation http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html.
Please, remove
if (self.options.skipRequestCompression)condition and leave onlygetAuthorizeFormHelperfunction calling instead.The text was updated successfully, but these errors were encountered: