CXRF attack and Shib SP

[Cantor, Scott]

On 4/8/14, 10:36 AM, "Russell Beall" <beall at usc.edu> wrote:
>
>Does anyone on this list have any shib configuration that can block CXRF
>so that a change to the app could be avoided?

I don't know for certain what was detected, but the short answer is that
IdP-initiated SSO is in and of itself an example of CXRF, and the SP
doesn't currently contain options to block it.

-- Scott