Closed GoogleCodeExporter closed 8 years ago
Fixed it:
https://github.com/sergeychernyshev/oauth-php/commit/31be483d205bac08bd238578bfb
35e360e51ba1b
Same change in patch format attached:
Original comment by sergey.c...@gmail.com
on 6 Mar 2011 at 8:00
Attachments:
Issue 101 has been merged into this issue.
Original comment by scherpenisse
on 15 Mar 2011 at 1:05
Let me know if you have any questions regarding the patch.
Original comment by sergey.c...@gmail.com
on 15 Mar 2011 at 1:07
This issue was closed by revision r189.
Original comment by scherpenisse
on 15 Mar 2011 at 1:08
Thanks for noticing.
We discovered it ourselves today because we upgraded to the latest oauth-php.
Apparently we already had fixed it once but did not apply it upstream. Now
everything should be alright again.
Original comment by scherpenisse
on 15 Mar 2011 at 1:09
Another bug related to this is, if the user is able to somehow change the
$user_id through HTTP GET potentially, it is still possible to steal all the
data (i.e. harvest all the ids).
The code should really check user_id in combination with the token and the
verifier keys provider. At the moment, the user_id with any bogus token and
verifier keys would still allow access to the service (this has been tested).
The keys should be signed and compared along with the user_id.
Original comment by ch...@simpleweb.co.uk
on 6 Jun 2011 at 1:20
Original issue reported on code.google.com by
sli...@gmail.com
on 22 Feb 2011 at 4:15