Closed enrichman closed 5 years ago
Thank you for the report! Switched to text/template which does not provide XML escaping but it's fine for our needs.
The SAML package you linked actually looks abandoned, and generates invalid metadata: https://github.com/RobotsAndPencils/go-saml/issues/9
SP Metadata are not correctly parsed since the
html/template
package is not meant for XML templating (see: https://github.com/golang/go/issues/3133 ) It results in having the first line escaped inI would suggest to delegate the SAML XML logic to a more complete and robust library implementation, such as https://github.com/RobotsAndPencils/go-saml.
What do you think? 👍