![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
[dw-free] OpenID can't authenticate via comment form
[commit: http://hg.dwscoalition.org/dw-free/rev/a4021cffa7e5]
http://bugs.dwscoalition.org/show_bug.cgi?id=1653
Use check_refer, so it works with talkpost_do
Patch by![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
wyntarvox.
Files modified:
http://bugs.dwscoalition.org/show_bug.cgi?id=1653
Use check_refer, so it works with talkpost_do
Patch by
wyntarvox.Files modified:
- htdocs/talkpost_do.bml
--------------------------------------------------------------------------------
diff -r 92cff6a4bafc -r a4021cffa7e5 htdocs/talkpost_do.bml
--- a/htdocs/talkpost_do.bml Sat Aug 22 17:50:15 2009 +0000
+++ b/htdocs/talkpost_do.bml Sat Aug 22 17:55:38 2009 +0000
@@ -48,7 +48,7 @@ body<=
if ($GET{'openid.mode'} eq 'id_res') { # Verify their identity
- unless ($GET{'openid.return_to'} =~ m!^\Q$LJ::SITEROOT\E/talkpost_do\.bml!) {
+ unless ( LJ::check_referer('/talkpost_do.bml', $GET{'openid.return_to'}) ) {
return LJ::bad_input("Invalid return_to");
}
--------------------------------------------------------------------------------