diff options
-rw-r--r-- | plugins/OpenID/openid.php | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php index 4ce350f77..1b93163e5 100644 --- a/plugins/OpenID/openid.php +++ b/plugins/OpenID/openid.php @@ -182,7 +182,19 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) $trust_root = common_root_url(true); $process_url = common_local_url($returnto); - if ($auth_request->shouldSendRedirect()) { + // Net::OpenID::Server as used on LiveJournal appears to incorrectly + // reject POST requests for data submissions that OpenID 1.1 specs + // as GET, although 2.0 allows them: + // https://rt.cpan.org/Public/Bug/Display.html?id=42202 + // + // Our OpenID libraries would have switched in the redirect automatically + // if it were detecting 1.1 compatibility mode, however the server is + // advertising itself as 2.0-compatible, so we got switched to the POST. + // + // Since the GET should always work anyway, we'll just take out the + // autosubmitter for now. + // + //if ($auth_request->shouldSendRedirect()) { $redirect_url = $auth_request->redirectURL($trust_root, $process_url, $immediate); @@ -194,6 +206,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) } else { common_redirect($redirect_url, 303); } + /* } else { // Generate form markup and render it. $form_id = 'openid_message'; @@ -219,6 +232,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) $action->handle(array('action' => 'autosubmit')); } } + */ } # Half-assed attempt at a module-private function |