Add disable_double_encoding config info

[NutharaNR]

Purpose

SAML artifact is being double–URL encoded, even though the SAML specification requires only a single URL encoding[1]. To address this, a new configuration option, saml.artifact.disable_double_encoding, has been introduced. Its default value in older versions(7.1.0 & 7.2.0) is false and in master the value is true, which enforces the correct (single-encoding) behavior.

Related PRs

• Add configuration to disable double-encoding of SAML artifact binding carbon-identity-framework#7671
• Conditionally disable double encoding for SAML Artifact binding wso2-extensions/identity-inbound-auth-saml#452

Related Issues

• Add [saml.artifact] disable_double_encoding config to migration-docs product-is#26533
• Double URL Encoding in SAML Artifact Binding product-is#26211

Test environment

Security checks

• Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines?
• Ran FindSecurityBugs plugin and verified report?
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets?

Summary by CodeRabbit

• Documentation
  • Updated SAML authentication guide with deployment configuration guidance for versions 7.1.0 and 7.2.0, including TOML configuration examples for artifact handling.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Documentation update adding conditional informational blocks to SAML artifact binding guide that explain disabling double encoding in deployment.toml for product versions 7.1.0 and 7.2.0, with accompanying configuration examples.

Changes

Cohort / File(s)	Summary
SAML Documentation en/includes/guides/authentication/saml/saml-artifact-binding.md	Added 11 lines of version-conditional guidance (7.1.0 and 7.2.0) explaining how to disable SAML artifact double encoding in deployment.toml; includes TOML configuration snippet inserted at two locations within the document

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Poem

🐰 A guide now clearer, version-aware,
Double encoding tips laid bare,
For 7.1 and 7.2 to see,
Configuration made easy as can be! 📚✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Add disable_double_encoding config info' directly describes the main change—adding configuration information about disabling double encoding of SAML artifacts.
Description check	✅ Passed	The description includes Purpose, Related PRs, and Related Issues sections as required, though Test environment and Security checks items are incomplete or unchecked.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@en/includes/guides/authentication/saml/saml-artifact-binding.md`:
- Line 213: The MkDocs admonition type in the documentation uses an uppercase
identifier; change the admonition heading `Info` to lowercase `info` (i.e.,
replace `!!! Info` with `!!! info`) so MkDocs Material will recognize and render
the admonition correctly in saml-artifact-binding.md.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 339953d and f63a457.

📒 Files selected for processing (1)

• en/includes/guides/authentication/saml/saml-artifact-binding.md

🔇 Additional comments (2)

en/includes/guides/authentication/saml/saml-artifact-binding.md (2)

212-221: Documentation accurately reflects the version-specific behavior.

The conditional block correctly targets versions 7.1.0 and 7.2.0 where double encoding is the default behavior, and provides clear guidance on how to disable it with the appropriate configuration. The TOML snippet is properly formatted.

---

212-221: AI summary incorrectly claimed two locations; only one instance exists.

The search confirms only a single instance of the disable_double_encoding configuration block exists in the document (line 219). The AI-generated summary stating two locations was inaccurate. The current code placement is correct and complete.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Use lowercase for MkDocs admonition type.

MkDocs Material requires lowercase admonition identifiers. Change Info to info for proper rendering.

📝 Proposed fix

-    !!! Info
+    !!! info

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	!!! Info
	!!! info

🤖 Prompt for AI Agents

In `@en/includes/guides/authentication/saml/saml-artifact-binding.md` at line 213,
The MkDocs admonition type in the documentation uses an uppercase identifier;
change the admonition heading `Info` to lowercase `info` (i.e., replace `!!!
Info` with `!!! info`) so MkDocs Material will recognize and render the
admonition correctly in saml-artifact-binding.md.