zitadel / saml

A SAML 2.0 server (IdP) implementation written for Go
https://zitadel.com
Apache License 2.0
45 stars 9 forks source link

Support custom HTML templates #88

Closed feeltheajf closed 2 days ago

feeltheajf commented 1 week ago

Is your feature request related to a problem? Please describe. Hardcoded HTML templates do not offer any customisation (to improve branding or security). For instance, we have a strict Content Security Policy, which does not allow inline scripts and we do not want to have unnecessary exclusions.

Describe the solution you'd like Allow to configure custom HTML templates.

Describe alternatives you've considered I cannot think of any.

Additional context See https://github.com/zitadel/saml/pull/89.

livio-a commented 2 days ago

Hey @feeltheajf

Thank you for the issue (and implementation). While there are for sure some workarounds for CSP (e.g. hash) and the form itself should not get displayed to the user, but i totally get your requirement. Will check the PR now.

github-actions[bot] commented 2 days ago

:tada: This issue has been resolved in version 0.3.0 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: