diff options
author | Joey Hess <joey@gnu.kitenet.net> | 2010-03-13 20:10:50 -0500 |
---|---|---|
committer | Joey Hess <joey@gnu.kitenet.net> | 2010-03-13 20:10:50 -0500 |
commit | c0ad4929deb455804ddfc6451820c6c67a298ea1 (patch) | |
tree | cd19eca3ca1972958f609204509cc267d2b8c279 | |
parent | fd43e83fcf7bf24493ecfff54111c1c5f1cab573 (diff) |
Improve openid url munging; do not display anchors and cgi parameters, as used by yahoo and google urls.
-rw-r--r-- | IkiWiki.pm | 2 | ||||
-rw-r--r-- | debian/changelog | 2 | ||||
-rw-r--r-- | doc/forum/google_openid_broken__63__.mdwn | 6 | ||||
-rwxr-xr-x | t/openiduser.t | 7 |
4 files changed, 15 insertions, 2 deletions
diff --git a/IkiWiki.pm b/IkiWiki.pm index 00eadfd98..251ed8cc8 100644 --- a/IkiWiki.pm +++ b/IkiWiki.pm @@ -1131,7 +1131,7 @@ sub openiduser ($) { # Convert "http://somehost.com/user" to "user [somehost.com]". # (also "https://somehost.com/user/") if ($display !~ /\[/) { - $display=~s/^https?:\/\/(.+)\/([^\/]+)\/?$/$2 [$1]/; + $display=~s/^https?:\/\/(.+)\/([^\/#?]+)\/?(?:[#?].*)?$/$2 [$1]/; } $display=~s!^https?://!!; # make sure this is removed eval q{use CGI 'escapeHTML'}; diff --git a/debian/changelog b/debian/changelog index 854d83130..0a9679618 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,6 +4,8 @@ ikiwiki (3.20100313) UNRELEASED; urgency=low as unsafe. * openid: Use Openid Simple Registration or OpenID Attribute Exchange to get the user's email address and username. + * Improve openid url munging; do not display anchors and cgi parameters, + as used by yahoo and google urls. -- Joey Hess <joeyh@debian.org> Sat, 13 Mar 2010 14:48:10 -0500 diff --git a/doc/forum/google_openid_broken__63__.mdwn b/doc/forum/google_openid_broken__63__.mdwn index 4ca5cac93..96ba2d791 100644 --- a/doc/forum/google_openid_broken__63__.mdwn +++ b/doc/forum/google_openid_broken__63__.mdwn @@ -59,6 +59,12 @@ points to a fairly useless xml document, rather than a web page. --[[Joey]] > Using the Google profile page as the OpenID is really orthogonal to the above. --[[kaol]] +>> First, I don't accept that the openid google returns from their +>> generic signin url *has* to be so freaking ugly. For contrast, +>> look at the openid you log in as if you use the yahoo url. +>> <https://me.yahoo.com/joeyhess#35f22>. Nice and clean, now +>> munged by ikiwiki to "joeyhess [me.yahoo.com]". +>> >> Displaying email addresses is not really an option, because ikiwiki >> can't leak user email addresses like that. Displaying nicknames or >> usernames is, see [[todo/Separate_OpenIDs_and_usernames]]. diff --git a/t/openiduser.t b/t/openiduser.t index 52d879484..caabbcefc 100755 --- a/t/openiduser.t +++ b/t/openiduser.t @@ -10,7 +10,7 @@ BEGIN { eval q{use Test::More skip_all => "Net::OpenID::VerifiedIdentity not available"}; } else { - eval q{use Test::More tests => 9}; + eval q{use Test::More tests => 11}; } use_ok("IkiWiki::Plugin::openid"); } @@ -28,6 +28,11 @@ $^W=1; is(IkiWiki::openiduser('http://yam655.livejournal.com/'), 'yam655 [livejournal.com]'); is(IkiWiki::openiduser('http://id.mayfirst.org/jamie/'), 'jamie [id.mayfirst.org]'); +# yahoo has an anchor in the url +is(IkiWiki::openiduser('https://me.yahoo.com/joeyhess#35f22'), 'joeyhess [me.yahoo.com]'); +# google urls are horrendous, but the worst bit is after a ?, so can be dropped +is(IkiWiki::openiduser('https://www.google.com/accounts/o8/id?id=AItOawm-ebiIfxbKD3KNa-Cu9LvvD9edMLW7BAo'), 'id [www.google.com/accounts/o8]'); + # and some less typical ones taken from the ikiwiki commit history is(IkiWiki::openiduser('http://thm.id.fedoraproject.org/'), 'thm [id.fedoraproject.org]'); |