diff options
author | Evan Prodromou <evan@prodromou.name> | 2008-06-05 00:03:58 -0400 |
---|---|---|
committer | Evan Prodromou <evan@prodromou.name> | 2008-06-05 00:03:58 -0400 |
commit | 356f40198633a0e93097c589d959d24c15410193 (patch) | |
tree | a8376a7c14846fc61afd87efa81571a5de8d9523 | |
parent | 24ff61d159a710c047947681d68f4084eafd308f (diff) |
bad validation of callback URL
darcs-hash:20080605040358-84dde-b2018db43791d1cbed722d3320cd0b62d6da94eb.gz
-rw-r--r-- | actions/userauthorization.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actions/userauthorization.php b/actions/userauthorization.php index 0d3b71ac9..76fde6d87 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -408,7 +408,7 @@ class UserauthorizationAction extends Action { throw new OAuthException("Invalid avatar '$avatar'"); } $callback = $req->get_parameter('oauth_callback'); - if ($avatar && common_valid_http_url($callback)) { + if ($callback && !common_valid_http_url($callback)) { throw new OAuthException("Invalid callback URL '$callback'"); } } |