#1007 closed defect (fixed)
OpenID return_to generation broken when req.href() is empty
| Reported by: | Owned by: | wkornewald | |
|---|---|---|---|
| Priority: | high | Component: | OpenidPlugin |
| Severity: | major | Keywords: | openid return_to href |
| Cc: | cygnus@…, ilias@… | Trac Release: | 0.10 |
Description
When req.href() is empty, the slice used to build the return_to and trust_root URLs for OpenID results in an empty return_to base URL, which causes OpenID to fail. The attached patch applies the slice only if len(req.href()) > 0.
Attachments (1)
Change History (10)
Changed 17 years ago by
comment:1 Changed 17 years ago by
| Cc: | cygnus@… added; anonymous removed |
|---|
comment:2 Changed 17 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Thanks for the patch. I've applied it, now.
Would you be interested in taking this plugin over?
After having played with OpenID and thought about it again, I think it doesn't work the way I want (too much dependence on the provider). I prefer CardSpace because it can be used for critical authentication whereas I would never trust OpenID for accessing my bank account or even my emails, for example.
comment:3 Changed 17 years ago by
| Cc: | ilias@… added; cygnus@… removed |
|---|
comment:5 Changed 17 years ago by
Yeah, I'm interested in taking it over. (ilias@…: turns out I get CC'd as owner, but thanks for fixing the CC anyway.)
comment:6 Changed 17 years ago by
Then, just register an account, tell me your username, and I'll contact Alec Thomas to give you svn access (or you can do it).
comment:8 Changed 17 years ago by
you may want to take a look at this thread and this ticket: trac:#2456
Patch to fix return_to and trust_root generation