diff options
author | Brion Vibber <brion@pobox.com> | 2010-06-26 10:18:03 -0400 |
---|---|---|
committer | Brion Vibber <brion@pobox.com> | 2010-06-26 10:18:03 -0400 |
commit | 00e129b01343e37dbd662b95f423e731b0867023 (patch) | |
tree | ba7e1bb3706adb6081bb61fd9499bef38213be8e /plugins/OpenID/openidserver.php | |
parent | dad0b06a386092b159118780a6a6801f3cf674de (diff) | |
parent | 696e4ba393c658d5b2e1fe46e1389bd7b2cfdb34 (diff) |
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
Diffstat (limited to 'plugins/OpenID/openidserver.php')
-rw-r--r-- | plugins/OpenID/openidserver.php | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/plugins/OpenID/openidserver.php b/plugins/OpenID/openidserver.php index 0e16881c5..b2cf1f8ac 100644 --- a/plugins/OpenID/openidserver.php +++ b/plugins/OpenID/openidserver.php @@ -71,7 +71,11 @@ class OpenidserverAction extends Action //cannot prompt the user to login in immediate mode, so answer false $response = $this->generateDenyResponse($request); }else{ - /* Go log in, and then come back. */ + // Go log in, and then come back. + // + // Note: 303 redirect rather than 307 to avoid + // prompting user for form resubmission if we + // were POSTed here. common_set_returnto($_SERVER['REQUEST_URI']); common_redirect(common_local_url('login'), 303); return; @@ -92,7 +96,12 @@ class OpenidserverAction extends Action $this->oserver->encodeResponse($denyResponse); //sign the response $_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl(); $_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl(); - //ask the user to trust this trust root + + // Ask the user to trust this trust root... + // + // Note: 303 redirect rather than 307 to avoid + // prompting user for form resubmission if we + // were POSTed here. common_redirect(common_local_url('openidtrust'), 303); return; } |