saml2: check parameter passed to RelayState is a string (#42358)
This commit is contained in:
parent
7f2dcad556
commit
f854b0586a
|
@ -169,7 +169,8 @@ class Saml2Directory(Directory):
|
|||
login.request.forceAuthn = get_request().form.get('forceAuthn') == 'true'
|
||||
login.request.isPassive = get_request().form.get('IsPassive') == 'true'
|
||||
login.request.consent = 'urn:oasis:names:tc:SAML:2.0:consent:current-implicit'
|
||||
login.msgRelayState = get_request().form.get('next')
|
||||
if isinstance(get_request().form.get('next'), str):
|
||||
login.msgRelayState = get_request().form.get('next')
|
||||
|
||||
next_url = login.msgRelayState or get_publisher().get_frontoffice_url()
|
||||
samlp_extensions = '''<samlp:Extensions
|
||||
|
|
Loading…
Reference in New Issue