https:// urls as openid servers and/or identities?
Michael Krelin
hacker at klever.net
Fri Jul 22 13:05:58 PDT 2005
On Fri, Jul 22, 2005 at 09:55:32PM +0200, Wladimir Palant wrote:
> Michael Krelin wrote:
>
> >For what I remember, I've seen check for '^http://' regex somewhere in
> >consumer perl sources, which, basically means that you shouldn't expect
> >it to work in the most cases.
>
> Nope, the check is actually:
>
> return $self->_fail("bogus_url", "Invalid URL") unless $url =~
> m!^https?://!i;
>
> It will accept both http:// and https:// urls.
Must be the older version. Since I only looked at the code as a
reference implementation I never bothered to see if there's a newer one
available. Mine (0.11) definitely contains this:
# do basic canonicalization
$url = "http://$url" if $url && $url !~ m!^\w+://!;
return $self->_fail("bogus_url", "Invalid URL") unless $url =~ m!^http://!i;
# add a slash, if none exists
$url .= "/" unless $url =~ m!^http://.+/!i;
I wouldn't remember if I didn't think about the limitation back then.
But the funny part that this is about the identity URL, not the server
;-)
Love,
Michael
More information about the yadis
mailing list