summaryrefslogtreecommitdiff
path: root/actions
diff options
context:
space:
mode:
authorEvan Prodromou <evan@prodromou.name>2008-06-05 00:03:58 -0400
committerEvan Prodromou <evan@prodromou.name>2008-06-05 00:03:58 -0400
commit356f40198633a0e93097c589d959d24c15410193 (patch)
treea8376a7c14846fc61afd87efa81571a5de8d9523 /actions
parent24ff61d159a710c047947681d68f4084eafd308f (diff)
bad validation of callback URL
darcs-hash:20080605040358-84dde-b2018db43791d1cbed722d3320cd0b62d6da94eb.gz
Diffstat (limited to 'actions')
-rw-r--r--actions/userauthorization.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/actions/userauthorization.php b/actions/userauthorization.php
index 0d3b71ac9..76fde6d87 100644
--- a/actions/userauthorization.php
+++ b/actions/userauthorization.php
@@ -408,7 +408,7 @@ class UserauthorizationAction extends Action {
throw new OAuthException("Invalid avatar '$avatar'");
}
$callback = $req->get_parameter('oauth_callback');
- if ($avatar && common_valid_http_url($callback)) {
+ if ($callback && !common_valid_http_url($callback)) {
throw new OAuthException("Invalid callback URL '$callback'");
}
}