Releasedate: 2014-02-26

Releasenote

Removed the default XmlResolver functionality from XmlDocument and XmlTextReader objects.

The framework will now ignore external references when resolving XML documents, hereby mitigating potential XXE attacks.

Fixed scalability issue on authentication requests to the Demo IDP:
HttpContext.Current.Application["authenticationrequest"] has been changed to HttpContext.Current.Session["authenticationrequest"].

Filer og referencer