From fc1a463b9593c09e5de022c1edc5ad1108c4a33c Mon Sep 17 00:00:00 2001
From: Craig Andrews <candrews@integralblue.com>
Date: Thu, 8 Apr 2010 17:20:24 -0400
Subject: Redirect using HTTP 303 so that form POST data is not re-submitted to
 the destination page

---
 plugins/OpenID/openidserver.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'plugins/OpenID')

diff --git a/plugins/OpenID/openidserver.php b/plugins/OpenID/openidserver.php
index afbca553f..a31596a10 100644
--- a/plugins/OpenID/openidserver.php
+++ b/plugins/OpenID/openidserver.php
@@ -71,7 +71,7 @@ class OpenidserverAction extends Action
                 }else{
                     /* Go log in, and then come back. */
                     common_set_returnto($_SERVER['REQUEST_URI']);
-                    common_redirect(common_local_url('login'));
+                    common_redirect(common_local_url('login'), 303);
                     return;
                 }
             }else if(common_profile_url($user->nickname) == $request->identity || $request->idSelect()){
@@ -91,7 +91,7 @@ class OpenidserverAction extends Action
                         $_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl();
                         $_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl();
                         //ask the user to trust this trust root
-                        common_redirect(common_local_url('openidtrust'));
+                        common_redirect(common_local_url('openidtrust'), 303);
                         return;
                     }
                 }else{
-- 
cgit v1.2.3-54-g00ecf