</RequestMapProvider>
<Implementation>
- <ISAPI normalizeRequest="true">
+ <ISAPI normalizeRequest="true" safeHeaderNames="true">
<!--
Maps IIS Instance ID values to the host scheme/name/port/sslport. The name is
required so that the proper <Host> in the request map above is found without
elementFormDefault="qualified"
attributeFormDefault="unqualified"
blockDefault="substitution"
- version="1.3.1">
+ version="1.3.2">
<import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="cs-sstc-schema-assertion-1.1.xsd"/>
<import namespace="urn:oasis:names:tc:SAML:2.0:metadata" schemaLocation="saml-schema-metadata-2.0.xsd"/>
<attribute name="localRelayState" type="boolean" use="optional" default="false"/>
<attribute name="unsetHeaderValue" type="conf:string" use="optional"/>
<attribute name="checkSpoofing" type="boolean" use="optional"/>
+ <attribute name="spoofKey" type="conf:string" use="optional"/>
<attribute name="catchAll" type="boolean" use="optional"/>
<anyAttribute namespace="##other" processContents="lax"/>
</complexType>
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="normalizeRequest" type="boolean" use="optional"/>
+ <attribute name="safeHeaderNames" type="boolean" use="optional"/>
<anyAttribute namespace="##other" processContents="lax"/>
</complexType>
</element>