externalLogin seems to assume that “returnPath” doesn’t have the
“http://host” part and try to make up it with
“http://host_taken_from_referrer_header”. However, Security Manager sets
“returnPath” as “http://host/blah/blah”.
So, when returnPath start with "http://" or "https://", just copy it to "path"
Original issue reported on code.google.com by 9.na...@gmail.com on 1 Jul 2011 at 6:49
Original issue reported on code.google.com by
9.na...@gmail.comon 1 Jul 2011 at 6:49Attachments: