decoupling from HTML
Martin Atkins
mart at degeneration.co.uk
Tue Jun 28 12:29:42 PDT 2005
Brad Fitzpatrick wrote:
>
> This is also why Net::OpenID::Consumer is bound to http and doesn't even
> accept https (would be a one character fix to change). I know there are
> enough consumers out that that won't do/want to do https, so let's just be
> realistic and say OpenID works for http and html.
>
Is that limitation for identity URLs, server URLs or both? I don't
really mind the former, but the latter is clearly a problem. TypeKey,
for example, uses https for everything.
Hopefully by the time it being embedded in HTML becomes a problem there
will be a proper solution that doesn't rely on redirecty token-passing
hacks. I think both of those things are far too pie-in-the-sky to worry
about here.
More information about the yadis
mailing list