Actions
Defect #5297
closedopenid not validated correctly
Status:
Closed
Priority:
Low
Assignee:
Category:
Accounts / authentication
Target version:
Start date:
2010-04-12
Due date:
% Done:
100%
Estimated time:
0.50 h
Resolution:
Fixed
Affected version:
Description
the user supplied a openid with a semicolon instead of the colon. instead of a validation / login error he got a 500. trace is:
NoMethodError (undefined method `downcase' for nil:NilClass): app/controllers/account_controller.rb:153:in `open_id_authenticate' app/controllers/account_controller.rb:33:in `login' passenger (2.2.4) lib/phusion_passenger/rack/request_handler.rb:91:in `process_request' passenger (2.2.4) lib/phusion_passenger/abstract_request_handler.rb:206:in `main_loop' passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:376:in `start_request_handler' passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:181:in `spawn_application!' passenger (2.2.4) lib/phusion_passenger/utils.rb:182:in `safe_fork' passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:153:in `spawn_application!' passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:271:in `spawn_rails_application' passenger (2.2.4) lib/phusion_passenger/abstract_server_collection.rb:80:in `synchronize' passenger (2.2.4) lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize' passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:254:in `spawn_rails_application' passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:153:in `spawn_application' passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:286:in `handle_spawn_application' passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:351:in `__send__' passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:351:in `main_loop' passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:195:in `start_synchronously'
Updated by Jean-Baptiste Barth over 14 years ago
- Affected version (unused) changed from 0.9.1 to devel
- Affected version deleted (
0.9.1)
Reproduced on current trunk. Actually, it's a URI or ruby-openid defect. Maybe we could find a workaround to avoid 500 error in Redmine.
Updated by Jean-Baptiste Barth over 14 years ago
- Status changed from New to Resolved
- Assignee set to Jean-Baptiste Barth
- Target version set to 1.0.1
- % Done changed from 0 to 100
- Resolution set to Fixed
Sorry, misread the trace on my laptop, the problem is inside our wrapper in vendor/plugins/open_id_authentication. Patch applied in r3933, but there may be other related bugs, don't hesitate to reopen if so.
Updated by Eric Davis over 14 years ago
- Status changed from Resolved to Closed
Merged to 1.0-stable for release in 1.0.1.
Actions