Shibboleth Developers

["Scott Cantor" <>]

André Cruz wrote on 2010-02-25:
> I know these were very specific circumstances but can't the SP and IDP
make
> sure the metadata fetched is valid before overwriting the local file?

Depends what you mean by "valid", but it was my plan to change the code to
use a tempfile first, wait for the filters to execute without throwing, and
then move it in.

An example today where this runs into problems is if the root signature's
corrupt. I can't tell that until the filters run and the filters can alter
the document, so if I wait to back it up until the filters run, it's too
late. So I have to change it to a two stage process.

> Should I file it in JIRA?

I'm probably going to change it anyway, but having a bug filed is best.

But I don't think 2.4 is likely for a long while, there's a lot of stuff to
do for this release and last year there were too many. So in short, don't
put XHTML in place of your metadata, or you could turn schema validation on.
There's no way it would have validated.
 
-- Scott