File tree Expand file tree Collapse file tree 1 file changed +13
-0
lines changed Expand file tree Collapse file tree 1 file changed +13
-0
lines changed Original file line number Diff line number Diff line change @@ -180,6 +180,19 @@ sub verify {
180180 my $saml_request ;
181181 my $sig = $u -> query_param_delete(' Signature'
182182
183+ # During the verify the only query parameters that should be in the query are
184+ # 'SAMLRequest', 'RelayState', 'Sig', 'SigAlg' the other parameter values are
185+ # deleted from the URI query that was created from the URL that was passed
186+ # to the verify function
187+ my @signed_params = (' SAMLRequest' ' RelayState' ' Sig' ' SigAlg'
188+
189+ for my $key ($u -> query_param) {
190+ if (grep /$key /, @signed_params ) {
191+ next ;
192+ }
193+ $u -> query_param_delete($key );
194+ }
195+
183196 # Some IdPs (PingIdentity) seem to double encode the LogoutResponse URL
184197 if (defined $self -> sls_double_encoded_response and $self -> sls_double_encoded_response == 1) {
185198 # if ($sigalg =~ m/%/) {
You can’t perform that action at this time.
0 commit comments