| Issue 69: | wrong mimetype check in openid.php ? | |
| 1 person starred this issue and may be notified of changes. | Back to list |
at line 430 in openid.php we have:
if (isset($headers['content-type'])
&& (strpos($headers['content-type'], 'application/xrds+xml') !== false
|| strpos($headers['content-type'], 'text/xml') !== false)
) {
# Apparently, some providers return XRDS documents as text/html.
# While it is against the spec, allowing this here shouldn't break
# compatibility with anything.
# ---
# Found an XRDS document, now let's find the server, and optionally delegate.
$content = $this->request($url, 'GET');
I had exactly the problem, as stated in above comment, that when doing an HTTP HEAD request the
returned mimetype 'text/html' however when doing an HTTP GET request it returns an XRDS document with as mimetype 'application/xrds+xml'.
However it appears for me that the comment only makes sense if you change in the if statement 'text/xml' to 'text/html'!
So I guess it is a type? At least it solved my problem: allowing also 'text/html' in the if statement so that it is going to
fetch and parse the XRDS document.
Thus I propose change line 432;
|| strpos($headers['content-type'], 'text/xml') !== false)
into:
|| strpos($headers['content-type'], 'text/html') !== false)
Best regards,
Harco Kuppens
Jan 30, 2014
#1
kent.b...@gmail.com
Feb 1, 2014
rss feeds
Feb 24, 2014
If you include text/html providers like flicker, wordpress, blogger, etc, will only give you an endless redirection. |