opendev/gerrit
Code Issues Proposed changes

Normalize OpenID URLs with http:// prefix

Browse Source 
Gerrit used to violate OpenID 1.1 and 2.0, both of which require
OpenIDs to be normalized (http:// added). Gerrit now normalizes
OpenIDs before checking whether they are permitted.

Bug: issue 1019
Change-Id: I5e75e7d5782ec400adaacbe26f602b46f502709b
(cherry picked from commit e9c3992898)
This commit is contained in:
Shawn O. Pearce
2011-06-21 10:18:41 -07:00
parent 773e8e30f1
commit 183d0f865a
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
gerrit-gwtui/src/main/java/com/google/gerrit/client/auth/openid/OpenIdSignInDialog.java
View File

@@ -347,12 +347,17 @@ public class OpenIdSignInDialog extends SignInDialog implements
public void onSubmit(final SubmitEvent event) {
event.cancel();
final String openidIdentifier = providerId.getText();
String openidIdentifier = providerId.getText();
if (openidIdentifier == null || openidIdentifier.equals("")) {
enable(true);
return;
}
if (!openidIdentifier.startsWith("http://")
&& !openidIdentifier.startsWith("https://")) {
openidIdentifier = "http://" + openidIdentifier;
}
if (!isAllowedProvider(openidIdentifier)) {
showError(OpenIdUtil.C.notAllowed());
enableRetryDiscovery();