summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess <joey@gnu.kitenet.net>2010-03-13 20:10:50 -0500
committerJoey Hess <joey@gnu.kitenet.net>2010-03-13 20:10:50 -0500
commitc0ad4929deb455804ddfc6451820c6c67a298ea1 (patch)
treecd19eca3ca1972958f609204509cc267d2b8c279
parentfd43e83fcf7bf24493ecfff54111c1c5f1cab573 (diff)
Improve openid url munging; do not display anchors and cgi parameters, as used by yahoo and google urls.
-rw-r--r--IkiWiki.pm2
-rw-r--r--debian/changelog2
-rw-r--r--doc/forum/google_openid_broken__63__.mdwn6
-rwxr-xr-xt/openiduser.t7
4 files changed, 15 insertions, 2 deletions
diff --git a/IkiWiki.pm b/IkiWiki.pm
index 00eadfd98..251ed8cc8 100644
--- a/IkiWiki.pm
+++ b/IkiWiki.pm
@@ -1131,7 +1131,7 @@ sub openiduser ($) {
# Convert "http://somehost.com/user" to "user [somehost.com]".
# (also "https://somehost.com/user/")
if ($display !~ /\[/) {
- $display=~s/^https?:\/\/(.+)\/([^\/]+)\/?$/$2 [$1]/;
+ $display=~s/^https?:\/\/(.+)\/([^\/#?]+)\/?(?:[#?].*)?$/$2 [$1]/;
}
$display=~s!^https?://!!; # make sure this is removed
eval q{use CGI 'escapeHTML'};
diff --git a/debian/changelog b/debian/changelog
index 854d83130..0a9679618 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,8 @@ ikiwiki (3.20100313) UNRELEASED; urgency=low
as unsafe.
* openid: Use Openid Simple Registration or OpenID Attribute Exchange
to get the user's email address and username.
+ * Improve openid url munging; do not display anchors and cgi parameters,
+ as used by yahoo and google urls.
-- Joey Hess <joeyh@debian.org> Sat, 13 Mar 2010 14:48:10 -0500
diff --git a/doc/forum/google_openid_broken__63__.mdwn b/doc/forum/google_openid_broken__63__.mdwn
index 4ca5cac93..96ba2d791 100644
--- a/doc/forum/google_openid_broken__63__.mdwn
+++ b/doc/forum/google_openid_broken__63__.mdwn
@@ -59,6 +59,12 @@ points to a fairly useless xml document, rather than a web page. --[[Joey]]
> Using the Google profile page as the OpenID is really orthogonal to the above. --[[kaol]]
+>> First, I don't accept that the openid google returns from their
+>> generic signin url *has* to be so freaking ugly. For contrast,
+>> look at the openid you log in as if you use the yahoo url.
+>> <https://me.yahoo.com/joeyhess#35f22>. Nice and clean, now
+>> munged by ikiwiki to "joeyhess [me.yahoo.com]".
+>>
>> Displaying email addresses is not really an option, because ikiwiki
>> can't leak user email addresses like that. Displaying nicknames or
>> usernames is, see [[todo/Separate_OpenIDs_and_usernames]].
diff --git a/t/openiduser.t b/t/openiduser.t
index 52d879484..caabbcefc 100755
--- a/t/openiduser.t
+++ b/t/openiduser.t
@@ -10,7 +10,7 @@ BEGIN {
eval q{use Test::More skip_all => "Net::OpenID::VerifiedIdentity not available"};
}
else {
- eval q{use Test::More tests => 9};
+ eval q{use Test::More tests => 11};
}
use_ok("IkiWiki::Plugin::openid");
}
@@ -28,6 +28,11 @@ $^W=1;
is(IkiWiki::openiduser('http://yam655.livejournal.com/'), 'yam655 [livejournal.com]');
is(IkiWiki::openiduser('http://id.mayfirst.org/jamie/'), 'jamie [id.mayfirst.org]');
+# yahoo has an anchor in the url
+is(IkiWiki::openiduser('https://me.yahoo.com/joeyhess#35f22'), 'joeyhess [me.yahoo.com]');
+# google urls are horrendous, but the worst bit is after a ?, so can be dropped
+is(IkiWiki::openiduser('https://www.google.com/accounts/o8/id?id=AItOawm-ebiIfxbKD3KNa-Cu9LvvD9edMLW7BAo'), 'id [www.google.com/accounts/o8]');
+
# and some less typical ones taken from the ikiwiki commit history
is(IkiWiki::openiduser('http://thm.id.fedoraproject.org/'), 'thm [id.fedoraproject.org]');