summaryrefslogtreecommitdiff
path: root/plugins/OpenID
diff options
context:
space:
mode:
authorBrion Vibber <brion@pobox.com>2010-06-16 12:38:35 -0700
committerBrion Vibber <brion@pobox.com>2010-06-16 12:38:35 -0700
commit9684cbe3c6d61be0b1cc2094bc4278cd8a21b33e (patch)
tree46a52783103529ccd52b4a5af5347df35cf9f894 /plugins/OpenID
parent7f3b3620af2af88ced37da1d9f8913cfd1a31b90 (diff)
parentd65d9826811c5e9b2aec01aa89abffbfbee535f8 (diff)
Merge branch 'testing' into 0.9.x
Conflicts: plugins/OpenID/openidserver.php
Diffstat (limited to 'plugins/OpenID')
-rw-r--r--plugins/OpenID/openidserver.php13
1 files changed, 11 insertions, 2 deletions
diff --git a/plugins/OpenID/openidserver.php b/plugins/OpenID/openidserver.php
index 0e16881c5..b2cf1f8ac 100644
--- a/plugins/OpenID/openidserver.php
+++ b/plugins/OpenID/openidserver.php
@@ -71,7 +71,11 @@ class OpenidserverAction extends Action
//cannot prompt the user to login in immediate mode, so answer false
$response = $this->generateDenyResponse($request);
}else{
- /* Go log in, and then come back. */
+ // Go log in, and then come back.
+ //
+ // Note: 303 redirect rather than 307 to avoid
+ // prompting user for form resubmission if we
+ // were POSTed here.
common_set_returnto($_SERVER['REQUEST_URI']);
common_redirect(common_local_url('login'), 303);
return;
@@ -92,7 +96,12 @@ class OpenidserverAction extends Action
$this->oserver->encodeResponse($denyResponse); //sign the response
$_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl();
$_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl();
- //ask the user to trust this trust root
+
+ // Ask the user to trust this trust root...
+ //
+ // Note: 303 redirect rather than 307 to avoid
+ // prompting user for form resubmission if we
+ // were POSTed here.
common_redirect(common_local_url('openidtrust'), 303);
return;
}