https://bugzilla.wikimedia.org/show_bug.cgi?id=22108
--- Comment #2 from Craig Box <craig....@gmail.com> 2010-01-27 09:48:08 UTC --- Created an attachment (id=7031) --> (https://bugzilla.wikimedia.org/attachment.cgi?id=7031) Security fix for issue 22108 Here is the patch. Note, I am now checking identity_url rather than displayIdentifier; the user can set the display identifier, so you shouldn't ever check it (e.g. I could set up a provider to give out the ID http://badprovider.com/me but the display identifier set to http://impersonatedprovider.com/you. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
