search

indieweb / indiewebify-me

Tools to help you get the best out of your indieweb site
http://indiewebify.me
166 stars 26 forks source link

Twitter rel=me verification not working #59

Closed aaronpk closed 6 years ago

aaronpk commented 7 years ago

for http://eddiehinkle.com/

https://indiewebify.me/validate-rel-me/?url=http%3A%2F%2Feddiehinkle.com

kevinmarks commented 7 years ago

the amended endpoint I use for verification works:

https://indiewebify.me/rel-me-links-info/?url1=http://eddiehinkle.com/&url2=https://twitter.com/eddiehinkle

but the old one fails:

https://indiewebify.me/rel-me-links/?url1=http://eddiehinkle.com/&url2=https://twitter.com/eddiehinkle

On Thu, Feb 9, 2017 at 3:40 PM, Aaron Parecki notifications@github.com wrote:

for http://eddiehinkle.com/

https://indiewebify.me/validate-rel-me/?url=http%3A%2F%2Feddiehinkle.com

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/indieweb/indiewebify-me/issues/59, or mute the thread https://github.com/notifications/unsubscribe-auth/AAGCwLq8kh_9XpTPzWzG77ZouSNo-wUYks5ra6PqgaJpZM4L80BJ .

kevinmarks commented 7 years ago

Difference between the 2 is:

    list($profileUrl, $secure, $previous) = IndieWeb\relMeDocumentUrl($url2);
    if (!$secure)
        return crossOriginResponse("Inbound rel-me URL redirects insecurely" . print_r($previous, true), 400);

My fn ignores this 'secure' flag - which is triggered by the t.co link being https and the users' site being http only.

gRegorLove commented 7 years ago

Think this is part of #54

aaronpk commented 6 years ago

Fixed in #64