You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I think it is reasonable to support stripping out everything prior to --- BEGIN --- and --- END --. Should check if there is a RFC 7468-compliant function already. This would be a good to do for RubySaml 2.0
RFC 7468 says "Data before the encapsulation boundaries are permitted" in a PEM format file. But the code in
https://github.com/onelogin/ruby-saml/blob/c38d72425b11aee5b2be595d44b407f8dfd92d6a/lib/onelogin/ruby-saml/utils.rb#L85
, when given a file with a single PEM block of certificate plus some non-ASCII extra text, will reformat in such way to move those extra text into the PEM block, resulting in downstream failures to decode.
The text was updated successfully, but these errors were encountered: