[v14] Validate SAMLIdPServiceProviders ACS endpoints #32219

Merged: r0mant merged 1 commit into branch/v14 from tross/v14/saml_acs on Sep 20, 2023
@rosstimothy
Contributor

Backport #32218 to branch/v14

Enforces that all ACS endpoints are HTTPS to prevent any
XSS attacks. To allow admins to interrogate any existing resources
which may be impacted, validation only happens on create and update
but not get. All usages of SAMLIdPServiceProviders within Teleport
follow all internal retrievals with a call to
services.ValidateAssertionConsumerServicesEndpoint in order to
subvert invalid ACS endpoints.
@r0mant r0mant added this pull request to the merge queue Sep 20, 2023
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Sep 20, 2023
@r0mant r0mant added this pull request to the merge queue Sep 20, 2023
Merged via the queue into branch/v14 with commit 5b6efc7 Sep 20, 2023
@r0mant r0mant deleted the tross/v14/saml_acs branch September 20, 2023 19:06
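
The validation pattern this PR describes (reject non-HTTPS ACS endpoints on create and update, leave reads unvalidated, re-validate before internal use), as an added Go example that is not Teleport's code. The names `serviceProvider`, `store`, `validateACSEndpoint`, `upsert`, `get` and `acsForResponse` are hypothetical, and the sample URL is constructed.

```go
package main

import (
	"fmt"
	"net/url"
)

// serviceProvider and store are hypothetical stand-ins, not Teleport types.
type serviceProvider struct{ Name, ACSURL string }
type store struct{ items map[string]serviceProvider }

// validateACSEndpoint accepts only absolute https URLs that name a host.
func validateACSEndpoint(raw string) error {
	u, err := url.Parse(raw)
	if err != nil {
		return fmt.Errorf("invalid ACS endpoint %q: %w", raw, err)
	}
	// url.Parse lowercases the scheme, so "HTTPS://..." passes this check.
	if u.Scheme != "https" || u.Host == "" {
		return fmt.Errorf("ACS endpoint %q must be an https URL with a host", raw)
	}
	return nil
}

// upsert is the create/update path: invalid endpoints never get stored.
func (s *store) upsert(sp serviceProvider) error {
	if err := validateACSEndpoint(sp.ACSURL); err != nil {
		return err
	}
	s.items[sp.Name] = sp
	return nil
}

// get skips validation so resources stored before the check stay readable.
func (s *store) get(name string) serviceProvider { return s.items[name] }

// acsForResponse is an internal consumer: it re-validates after retrieval.
func (s *store) acsForResponse(name string) (string, error) {
	sp := s.get(name) // a missing name yields an empty URL, which fails below
	if err := validateACSEndpoint(sp.ACSURL); err != nil {
		return "", err
	}
	return sp.ACSURL, nil
}

func main() {
	// Constructed legacy entry, stored before validation existed.
	s := &store{items: map[string]serviceProvider{"old": {"old", "http://sp.example.com/acs"}}}
	fmt.Println(s.acsForResponse("old"))
}
```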