Open GoogleCodeExporter opened 9 years ago
When open_basedir is set, the Location HTTP header can't be followed (at least
by curl), and that's why it's disabled.
As for validation returning false when using streams, it's a valid (and
separate) bug, but you haven't posted any details that might help me with
debugging. Obviously, it works for me.
So, I'm waiting for more details on that.
Original comment by mewp...@gmail.com
on 18 Nov 2011 at 8:29
You are right about curl. I had overlooked my log files. It worked by pure
chance: in my case, there were no redirections to follow.
I've been able to reproduce the streams issue in my dev box so I'm in position
to gather as much information as required.
I'm not familiar with the OpenID internals but request_streams() does something
I can't understand. When validating the response, it calls this:
$data = file_get_contents($url, false, $context);
...on line 345 to make a POST request to https://myvidoop.com/openid. The
server's response is this:
is_valid:true
ns:http://specs.openid.net/auth/2.0
But the $data variable is never used. On line 352 we see this:
return file_get_contents($url, false, $context);
... which makes exactly the same POST request and this time obtains:
is_valid:false
ns:http://specs.openid.net/auth/2.0
My guts say that line 352 should be:
return $data;
Original comment by kAlvaro
on 19 Nov 2011 at 7:31
Ok, I think I know what the problem is now. I'll try to fix it soon.
Original comment by mewp...@gmail.com
on 19 Nov 2011 at 7:46
Problem still exists... (i'm using safe_mode = on)
Original comment by 94m3k...@gmail.com
on 28 Apr 2012 at 2:25
sorry, i'm not using safe_mode, it's open_basedir.
Original comment by 94m3k...@gmail.com
on 28 Apr 2012 at 3:47
Original issue reported on code.google.com by
kAlvaro
on 18 Nov 2011 at 8:14