shibboleth-dev - Re: Inclusion of timestamp on redirect (again)
Subject: Shibboleth Developers
List archive
- From: Derek Atkins <>
- To: Scott Cantor <>
- Cc:
- Subject: Re: Inclusion of timestamp on redirect (again)
- Date: Wed, 24 Dec 2003 22:39:48 -0500
How does this this get pasted back into the target? I'm trying
to understand the flow hear. I'll note that I also proposed
loop detection some time ago -- where the target includes some
data into wayf redirect which will get POSTed back to the target
to make sure we don't have a loop. Is this what you're talking
about? Or are you trying to solve a different problem?
-derek
Scott Cantor
<>
writes:
> I've brought this up before, but at the time we deferred this issue to some
> future point. Unfortunately, I've got to have this now, so I either patch
> the target or I patch a private copy of the target.
>
> Eventually we'll have a way of handling this sort of thing in SAML 2.0, but
> in the meantime, I really need a way to add a timestamp to the
> target->origin redirect. There is simply no other way with the current
> protocol to detect stale pages in the history list when the back button is
> used, and this is rapidly going to become a deal breaker for me getting this
> rolled out here.
>
> We've got a slate of updates to the arch doc anyway, so adding this doesn't
> seem like a big deal to me, and it's purely optional. Nobody's origin will
> break if it's there, and nobody's target will break if they don't include
> it, so there's no compatibility issue at all.
>
> As it is I'm going to hack my origin to actually look at it, not add
> anything to CVS (yet). But I really need a target source distribution I can
> give out here that includes the parameter and I'd like to add it with the
> other cookie fixes I'm patching back into 1.1.
>
> Is there a major objection to me just doing this, or do I have to fork?
>
> (If there's a question about how this looks, it's just a time_t value in
> decimal on the end, "&time=nnnnnnnnnn". Adds about 16 bytes to the URL.)
>
> -- Scott
>
>
>
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
PGP key available
- Inclusion of timestamp on redirect (again), Scott Cantor, 12/23/2003
- Re: Inclusion of timestamp on redirect (again), Derek Atkins, 12/24/2003
- RE: Inclusion of timestamp on redirect (again), Scott Cantor, 12/25/2003
- Re: Inclusion of timestamp on redirect (again), Derek Atkins, 12/25/2003
- RE: Inclusion of timestamp on redirect (again), Scott Cantor, 12/25/2003
- Re: Inclusion of timestamp on redirect (again), Derek Atkins, 12/25/2003
- RE: Inclusion of timestamp on redirect (again), Scott Cantor, 12/25/2003
- Re: Inclusion of timestamp on redirect (again), Derek Atkins, 12/24/2003
Archive powered by MHonArc 2.6.16.