diff options
| author | Brion Vibber <brion@pobox.com> | 2010-06-16 12:37:14 -0700 |
|---|---|---|
| committer | Brion Vibber <brion@pobox.com> | 2010-06-16 12:37:14 -0700 |
| commit | d65d9826811c5e9b2aec01aa89abffbfbee535f8 (patch) | |
| tree | 2ea6a438928375bbad115d9741cabcedae872be1 /plugins | |
| parent | a1b25b46bc4bf3dbe7766e865e0a47056786bf0c (diff) | |
| parent | ce7176d9878e298cd1ed5bc44e97aca5a4a6bc81 (diff) | |
Merge branch 'master' into testing
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/OpenID/openidserver.php | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/plugins/OpenID/openidserver.php b/plugins/OpenID/openidserver.php index afbca553f..2a414c487 100644 --- a/plugins/OpenID/openidserver.php +++ b/plugins/OpenID/openidserver.php @@ -69,9 +69,13 @@ class OpenidserverAction extends Action //cannot prompt the user to login in immediate mode, so answer false $response = $this->generateDenyResponse($request); }else{ - /* Go log in, and then come back. */ + // Go log in, and then come back. + // + // Note: 303 redirect rather than 307 to avoid + // prompting user for form resubmission if we + // were POSTed here. common_set_returnto($_SERVER['REQUEST_URI']); - common_redirect(common_local_url('login')); + common_redirect(common_local_url('login'), 303); return; } }else if(common_profile_url($user->nickname) == $request->identity || $request->idSelect()){ @@ -90,8 +94,13 @@ class OpenidserverAction extends Action $this->oserver->encodeResponse($denyResponse); //sign the response $_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl(); $_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl(); - //ask the user to trust this trust root - common_redirect(common_local_url('openidtrust')); + + // Ask the user to trust this trust root... + // + // Note: 303 redirect rather than 307 to avoid + // prompting user for form resubmission if we + // were POSTed here. + common_redirect(common_local_url('openidtrust'), 303); return; } }else{ |