Skip to content

v0.3.0

Compare
Choose a tag to compare
@ploer ploer released this 09 Jun 18:02
· 561 commits to master since this release

Significant changes, primarily around preventing replay attacks:

  • Check validity of NotBefore and NotOnOrAfter elements in assertions -- #35, #38
    • Note that this is on by default, so is a potentially breaking change.
  • Optionally, check inResponseTo ids to make sure each response matches a request, and that there is only one response to any request -- #37
  • Require latest xml-crypto, and stop monkey-patching xml-crypto
  • Documentation fix #39