Skip to content

[v13] Validate SAMLIdPServiceProviders ACS endpoints#32220

Merged
r0mant merged 1 commit intobranch/v13from
tross/v13/saml_acs
Sep 20, 2023
Merged

[v13] Validate SAMLIdPServiceProviders ACS endpoints#32220
r0mant merged 1 commit intobranch/v13from
tross/v13/saml_acs

Conversation

@rosstimothy
Copy link
Copy Markdown
Contributor

@rosstimothy rosstimothy commented Sep 20, 2023

Backport #32218 to branch/v13

@r0mant r0mant enabled auto-merge September 20, 2023 16:47
@rosstimothy
Validate SAMLIdPServiceProviders ACS endpoints
8894dd4 
Enforces that all ACS endpoints are HTTPS to prevent any
XSS attacks. To allow admins to interogate any existing resources
which may be impacted validation only happens on create and update
but not get. All usages of SAMLIdPServiceProviders within teleport
follow all internal retrievals with a call to
services.ValidateAssertionConsumerServicesEndpoint in order to
subvert invalid ACS endpoints.
@r0mant r0mant added this pull request to the merge queue Sep 20, 2023
Merged via the queue into branch/v13 with commit 4d542a5 Sep 20, 2023
@r0mant r0mant deleted the tross/v13/saml_acs branch September 20, 2023 18:41
@fheinecke fheinecke mentioned this pull request Sep 26, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Tener Tener Tener approved these changes

@r0mant r0mant r0mant approved these changes

@marcoandredinis marcoandredinis marcoandredinis approved these changes

Assignees

No one assigned

Labels

backport size/md

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rosstimothy @Tener @r0mant @marcoandredinis