File tree Expand file tree Collapse file tree 1 file changed +5
-3
lines changed
Expand file tree Collapse file tree 1 file changed +5
-3
lines changed Original file line number Diff line number Diff line change 10121012
10131013# Indicates whether POST data will be preserved across authentication requests (and discovery in case of multiple OPs).
10141014# This is designed to prevent data loss when a session timeout occurs in a (long) user filled HTML form.
1015- # It cannot handle arbitrary payloads for security (DOS) reasons, merely form-encoded user data.
1016- # Preservation is done via HTML 5 session storage: note that this can lead to private data exposure on shared terminals.
1017- # The default is "Off" (for security reasons). Can be configured on a per Directory/Location basis.
1015+ # It cannot handle arbitrary payloads for security (DOS) reasons, merely form-encoded user data where the Content-Type
1016+ # header value is application/x-www-form-urlencoded. See also:
1017+ # https://github.com/OpenIDC/mod_auth_openidc/wiki/Known-Limitations#post-data-preservation-1
1018+ # Preservation is done via HTML 5 session storage in the browser: note that this can lead to private data exposure on shared terminals.
1019+ # The default is "Off" (for security reasons). It can be configured on a per Directory/Location basis.
10181020#OIDCPreservePost [On|Off]
10191021
10201022# POST preserve and restore templates to be used with OIDCPreservePost
You can’t perform that action at this time.
0 commit comments