forked from GNUsocial/gnu-social
Merge branch 'master' of gitorious.org:statusnet/mainline
* 'master' of gitorious.org:statusnet/mainline: Switch OpenID server's redirects from 307 to 303 to avoid prompt for form data resubmission if we were sent here from a POST request, such as when verifying the site for the first time doing an OpenID login from Drupal.
This commit is contained in:
commit
ba2bffa76e
@ -69,9 +69,13 @@ class OpenidserverAction extends Action
|
|||||||
//cannot prompt the user to login in immediate mode, so answer false
|
//cannot prompt the user to login in immediate mode, so answer false
|
||||||
$response = $this->generateDenyResponse($request);
|
$response = $this->generateDenyResponse($request);
|
||||||
}else{
|
}else{
|
||||||
/* Go log in, and then come back. */
|
// Go log in, and then come back.
|
||||||
|
//
|
||||||
|
// Note: 303 redirect rather than 307 to avoid
|
||||||
|
// prompting user for form resubmission if we
|
||||||
|
// were POSTed here.
|
||||||
common_set_returnto($_SERVER['REQUEST_URI']);
|
common_set_returnto($_SERVER['REQUEST_URI']);
|
||||||
common_redirect(common_local_url('login'));
|
common_redirect(common_local_url('login'), 303);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}else if(common_profile_url($user->nickname) == $request->identity || $request->idSelect()){
|
}else if(common_profile_url($user->nickname) == $request->identity || $request->idSelect()){
|
||||||
@ -90,8 +94,13 @@ class OpenidserverAction extends Action
|
|||||||
$this->oserver->encodeResponse($denyResponse); //sign the response
|
$this->oserver->encodeResponse($denyResponse); //sign the response
|
||||||
$_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl();
|
$_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl();
|
||||||
$_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl();
|
$_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl();
|
||||||
//ask the user to trust this trust root
|
|
||||||
common_redirect(common_local_url('openidtrust'));
|
// Ask the user to trust this trust root...
|
||||||
|
//
|
||||||
|
// Note: 303 redirect rather than 307 to avoid
|
||||||
|
// prompting user for form resubmission if we
|
||||||
|
// were POSTed here.
|
||||||
|
common_redirect(common_local_url('openidtrust'), 303);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}else{
|
}else{
|
||||||
|
Loading…
Reference in New Issue
Block a user