2
edits
Bugzilla:OpenID Auth Plugin: Difference between revisions
Bugzilla:OpenID Auth Plugin (view source)
Revision as of 19:07, 11 September 2006
, 11 September 2006JanRain Perl library versus Brad's
(Can use OpenID SREG for email exchange) |
(JanRain Perl library versus Brad's) |
||
| Line 29: | Line 29: | ||
* OpenID::Consumer library v0.11 (perl) fails taint check | * OpenID::Consumer library v0.11 (perl) fails taint check | ||
** [http://lists.danga.com/pipermail/yadis/2005-June/thread.html#951 Taint safety discussion on OpenID dev list] | ** [http://lists.danga.com/pipermail/yadis/2005-June/thread.html#951 Taint safety discussion on OpenID dev list] | ||
** Take a look at the [http://www.openidenabled.com/openid/libraries/perl/ Perl library from JanRain], it is more current and will evolve to replace Brad's original library as Authentication 2.0 gels | |||
* Cookie expiration | * Cookie expiration | ||
** Current implementation is almost certainly wrong (indefinite length cookies). | ** Current implementation is almost certainly wrong (indefinite length cookies). | ||