From: Jean-Baptiste Barth Date: Tue, 10 Aug 2010 21:12:32 +0000 (+0000) Subject: Prevent 500 error on login when there's a typo in OpenID URI scheme, such as http... X-Git-Tag: 1.1.0~459 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=83e4cf3dd4207faaa393d993a271a52d4413bad3;p=redmine.git Prevent 500 error on login when there's a typo in OpenID URI scheme, such as http;// or http.// git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3933 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb index 2a8c9c66b..1d66d01d3 100644 --- a/test/functional/account_controller_test.rb +++ b/test/functional/account_controller_test.rb @@ -67,6 +67,13 @@ class AccountControllerTest < ActionController::TestCase assert_redirected_to 'my/page' end + def test_login_with_invalid_openid_provider + Setting.self_registration = '0' + Setting.openid = '1' + post :login, :openid_url => 'http;//openid.example.com/good_user' + assert_redirected_to home_url + end + def test_login_with_openid_for_existing_non_active_user Setting.self_registration = '2' Setting.openid = '1' diff --git a/vendor/plugins/open_id_authentication/lib/open_id_authentication.rb b/vendor/plugins/open_id_authentication/lib/open_id_authentication.rb index 22481136e..70418fde7 100644 --- a/vendor/plugins/open_id_authentication/lib/open_id_authentication.rb +++ b/vendor/plugins/open_id_authentication/lib/open_id_authentication.rb @@ -89,7 +89,7 @@ module OpenIdAuthentication begin uri = URI.parse(identifier) - uri.scheme = uri.scheme.downcase # URI should do this + uri.scheme = uri.scheme.downcase if uri.scheme # URI should do this identifier = uri.normalize.to_s rescue URI::InvalidURIError raise InvalidOpenId.new("#{identifier} is not an OpenID identifier")