Fix markdown

tvdijen · tvdijen · commit 1730f2cec431 · 2025-07-02T00:07:29.000+02:00
diff --git a/docs/simplesamlphp-nostate.md b/docs/simplesamlphp-nostate.md
@@ -36,7 +36,7 @@ The domain name the IdP sends the response to is configured in the metadata of
 the IdP. This means that it may not match up with the domain name the user
 accessed. For example we may have the following scenario:
 
-1. The user accesses `https://www.example.org/`. A session is created for the user, and the session cookie is set for the current domain (www.example.org).
+1. The user accesses `https://www.example.org/`. A session is created for the user, and the session cookie is set for the current domain (`www.example.org`).
 1. The user needs to be authenticated. We therefore save some information about the current status in the state array, create a SAML 2.0 authentication request, and send it to the IdP.
 1. The user logs in on the IdP. The IdP then sends a response to the SP at `example.org`. However, the metadata for the SP that is registered at the IdP uses `https://example.org/` (without `www`) as the domain the response should be sent to. The authentication response is therefore sent to that domain.
 1. The SP (now at `https://example.org/`) tries to load the state information associated with the authentication response it received. But, because the domain name has changed, we do not receive the session cookie of the user. We are therefore unable to find the session of the user. When we attempt to load the state information from the session we are therefore unable to find it.
diff --git a/docs/simplesamlphp-reference-idp-hosted.md b/docs/simplesamlphp-reference-idp-hosted.md
@@ -210,7 +210,7 @@ The following SAML 2.0 options are available:
 :   The RSA encryption algorithm with PKCS#1 v1.5 padding is blacklisted by default for security reasons. Any assertions
     encrypted with this algorithm will therefore fail to decrypt. You can override this limitation by defining an empty
     array in this option (or blacklisting any other algorithms not including that one). However, it is strongly
-    discouraged to do so. For your own safety, please include the string 'http://www.w3.org/2001/04/xmlenc#rsa-1_5' if
+    discouraged to do so. For your own safety, please include the string `http://www.w3.org/2001/04/xmlenc#rsa-1_5` if
     you make use of this option.
 
 `https.certificate`
diff --git a/docs/simplesamlphp-reference-idp-remote.md b/docs/simplesamlphp-reference-idp-remote.md
@@ -74,7 +74,7 @@ $metadata['entity-id-2'] = [
 :   The RSA encryption algorithm with PKCS#1 v1.5 padding is blacklisted by default for security reasons. Any assertions
     encrypted with this algorithm will therefore fail to decrypt. You can override this limitation by defining an empty
     array in this option (or blacklisting any other algorithms not including that one). However, it is strongly
-    discouraged to do so. For your own safety, please include the string 'http://www.w3.org/2001/04/xmlenc#rsa-1_5' if
+    discouraged to do so. For your own safety, please include the string `http://www.w3.org/2001/04/xmlenc#rsa-1_5` if
     you make use of this option.
 
 `hide.from.discovery`
diff --git a/docs/simplesamlphp-reference-sp-remote.md b/docs/simplesamlphp-reference-sp-remote.md
@@ -153,7 +153,7 @@ The following options can be set:
 :   The RSA encryption algorithm with PKCS#1 v1.5 padding is blacklisted by default for security reasons. Any assertions
     encrypted with this algorithm will therefore fail to decrypt. You can override this limitation by defining an empty
     array in this option (or blacklisting any other algorithms not including that one). However, it is strongly
-    discouraged to do so. For your own safety, please include the string 'http://www.w3.org/2001/04/xmlenc#rsa-1_5' if
+    discouraged to do so. For your own safety, please include the string `http://www.w3.org/2001/04/xmlenc#rsa-1_5` if
     you make use of this option.
 
 `ForceAuthn`
@@ -166,10 +166,9 @@ The following options can be set:
 
 :   The three most commonly used values are:
 
-:
-    1.  `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`
-    2.  `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent`
-    3.  `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`
+* `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`
+* `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent`
+* `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`
 
 :   The `transient` format will generate a new unique ID every time
     the SP logs in.
