diff options
Diffstat (limited to 'doc')
-rw-r--r-- | doc/bugs/Please_don__39__t_refer_to_offsite_openid_image.mdwn | 20 | ||||
-rw-r--r-- | doc/style.css | 2 | ||||
-rw-r--r-- | doc/wikiicons/openidlogin-bg.gif | bin | 0 -> 142 bytes |
3 files changed, 20 insertions, 2 deletions
diff --git a/doc/bugs/Please_don__39__t_refer_to_offsite_openid_image.mdwn b/doc/bugs/Please_don__39__t_refer_to_offsite_openid_image.mdwn index 832ae8363..561cd6771 100644 --- a/doc/bugs/Please_don__39__t_refer_to_offsite_openid_image.mdwn +++ b/doc/bugs/Please_don__39__t_refer_to_offsite_openid_image.mdwn @@ -1 +1,19 @@ -In style.css, please don't refer to the OpenID image on an external site. This reference allows that site to track users of ikiwikis and other sites supporting OpenID. Furthermore, this reference also opens up cross-site scripting vulnerabilities if the external site did something malicious. If the image has a Free Software license, please include it in ikiwiki, in the basewiki (preferably converted from gif to png). If the image does not have a Free Software license, please omit it, and allow users to choose to add it to their CSS themselves if they find the risks acceptable. --[[JoshTriplett]]
\ No newline at end of file +In style.css, please don't refer to the OpenID image on an external site. +This reference allows that site to track users of ikiwikis and other sites +supporting OpenID. Furthermore, this reference also opens up cross-site +scripting vulnerabilities if the external site did something malicious. If +the image has a Free Software license, please include it in ikiwiki, in the +basewiki (preferably converted from gif to png). If the image does not +have a Free Software license, please omit it, and allow users to choose to +add it to their CSS themselves if they find the risks acceptable. +--[[JoshTriplett]] + +> I wasn't able to get a clear statement of the license of that graphic, +> back when I was writing the openid support although I didn't try very hard +> (asked on irc on their irc channel, didn't seem to get anyone who was +> familiar with DFSG). Googling around, they seem to have not yet decided +> on a license: +> <http://openid.net/pipermail/general/2007-January/001421.html> +> <http://lists.danga.com/pipermail/yadis/2005-June/000990.html> +> +> Changed things around .. [[bugs/done]] --[[Joey]] diff --git a/doc/style.css b/doc/style.css index 3b8a24d9a..ef0cb9e57 100644 --- a/doc/style.css +++ b/doc/style.css @@ -220,7 +220,7 @@ div.poll { } input#openid_url { - background: url(http://openid.net/login-bg.gif) no-repeat; + background: url(wikiicons/openidlogin-bg.gif) no-repeat; background-color: #fff; background-position: 0 50%; color: #000; diff --git a/doc/wikiicons/openidlogin-bg.gif b/doc/wikiicons/openidlogin-bg.gif Binary files differnew file mode 100644 index 000000000..c8f43d08e --- /dev/null +++ b/doc/wikiicons/openidlogin-bg.gif |