summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--plugins/OpenID/openid.php16
1 files changed, 15 insertions, 1 deletions
diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php
index 4ce350f77..1b93163e5 100644
--- a/plugins/OpenID/openid.php
+++ b/plugins/OpenID/openid.php
@@ -182,7 +182,19 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
$trust_root = common_root_url(true);
$process_url = common_local_url($returnto);
- if ($auth_request->shouldSendRedirect()) {
+ // Net::OpenID::Server as used on LiveJournal appears to incorrectly
+ // reject POST requests for data submissions that OpenID 1.1 specs
+ // as GET, although 2.0 allows them:
+ // https://rt.cpan.org/Public/Bug/Display.html?id=42202
+ //
+ // Our OpenID libraries would have switched in the redirect automatically
+ // if it were detecting 1.1 compatibility mode, however the server is
+ // advertising itself as 2.0-compatible, so we got switched to the POST.
+ //
+ // Since the GET should always work anyway, we'll just take out the
+ // autosubmitter for now.
+ //
+ //if ($auth_request->shouldSendRedirect()) {
$redirect_url = $auth_request->redirectURL($trust_root,
$process_url,
$immediate);
@@ -194,6 +206,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
} else {
common_redirect($redirect_url, 303);
}
+ /*
} else {
// Generate form markup and render it.
$form_id = 'openid_message';
@@ -219,6 +232,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
$action->handle(array('action' => 'autosubmit'));
}
}
+ */
}
# Half-assed attempt at a module-private function