decoupling from HTML

Martin Atkins mart at
Tue Jun 28 12:29:42 PDT 2005

Brad Fitzpatrick wrote:
> This is also why Net::OpenID::Consumer is bound to http and doesn't even
> accept https (would be a one character fix to change).  I know there are
> enough consumers out that that won't do/want to do https, so let's just be
> realistic and say OpenID works for http and html.

Is that limitation for identity URLs, server URLs or both? I don't
really mind the former, but the latter is clearly a problem. TypeKey,
for example, uses https for everything.

Hopefully by the time it being embedded in HTML becomes a problem there
will be a proper solution that doesn't rely on redirecty token-passing
hacks. I think both of those things are far too pie-in-the-sky to worry
about here.

More information about the yadis mailing list