Modify

Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#1007 closed defect (fixed)

OpenID return_to generation broken when req.href() is empty

Reported by: cygnus@… Owned by: wkornew
Priority: high Component: OpenidPlugin
Severity: major Keywords: openid return_to href
Cc: cygnus@…, ilias@… Trac Release: 0.10

Description

When req.href() is empty, the slice used to build the return_to and trust_root URLs for OpenID results in an empty return_to base URL, which causes OpenID to fail. The attached patch applies the slice only if len(req.href()) > 0.

Attachments (1)

patch (2.3 KB) - added by cygnus@… 8 years ago.
Patch to fix return_to and trust_root generation

Download all attachments as: .zip

Change History (10)

Changed 8 years ago by cygnus@…

Patch to fix return_to and trust_root generation

comment:1 Changed 8 years ago by anonymous

  • Cc cygnus@… added

comment:2 Changed 8 years ago by wkornew

  • Resolution set to fixed
  • Status changed from new to closed

Thanks for the patch. I've applied it, now.

Would you be interested in taking this plugin over?

After having played with OpenID and thought about it again, I think it doesn't work the way I want (too much dependence on the provider). I prefer CardSpace because it can be used for critical authentication whereas I would never trust OpenID for accessing my bank account or even my emails, for example.

comment:3 Changed 8 years ago by lazaridis_com

  • Cc ilias@… added; cygnus@… removed

comment:4 Changed 8 years ago by lazaridis_com

  • Cc cygnus@… added

readded CC

comment:5 Changed 8 years ago by cygnus@…

Yeah, I'm interested in taking it over. (ilias@…: turns out I get CC'd as owner, but thanks for fixing the CC anyway.)

comment:6 Changed 8 years ago by wkornew

Then, just register an account, tell me your username, and I'll contact Alec Thomas to give you svn access (or you can do it).

comment:7 Changed 8 years ago by cygnus

Thanks! I've sent him an email and await SVN access.

comment:8 Changed 8 years ago by lazaridis_com

you may want to take a look at this thread and this ticket: trac:#2456

comment:9 Changed 8 years ago by athomas

Okay I've provided write permissions to cygnus.

Add Comment

Modify Ticket

Action
as closed .
as The resolution will be set. Next status will be 'closed'.
to The owner will be changed from wkornew. Next status will be 'closed'.
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.