| Issue 2: | Possible Erroneous YADIS Discovery | |
| 1 person starred this issue and may be notified of changes. | Back to list |
Hi mewp, this is Alix from StackOverflow.
While working on the porting of your library to the phunction framework I've noticed several bugs, one of them was related to several calls in the form of:
`$content = preg_match('...', $content, $...);`
This one seems to be solved with the latest release, but I can still spot one that can produce non-optimal, erroneous YADIS discoveries. Imagine the following scenario:
1) Content-Type: application/xrds+xml is matched.
2) You find a server that uses the http://specs.openid.net/auth/2.0/ namespace, and grab the $server.
3) You'll still try to search (due to the lack of else if) for the http://openid.net/signon/1.1/ namespace (why not also 1.0?), and if you find it, you'll grab the $server again. If you don't it's still inefficient, since you already have a 2.0 URI.
I suggest you either drop the $ns variable altogether and use if ... else if directly, or switch the order of the conditions, that the most preferable URI (2.0) overrides the previously one found (1.1).
Jul 25, 2010
Project Member
#1
mewp...@gmail.com
Status:
Invalid
Jul 25, 2010
Oh yes - silly me, I overlooked the returns! |