Defect #5297
openid not validated correctly
Status: | Closed | Start date: | 2010-04-12 | |
---|---|---|---|---|
Priority: | Low | Due date: | ||
Assignee: | % Done: | 100% | ||
Category: | Accounts / authentication | Estimated time: | 0.50 hour | |
Target version: | 1.0.1 | |||
Resolution: | Fixed | Affected version: |
Description
the user supplied a openid with a semicolon instead of the colon. instead of a validation / login error he got a 500. trace is:
NoMethodError (undefined method `downcase' for nil:NilClass): app/controllers/account_controller.rb:153:in `open_id_authenticate' app/controllers/account_controller.rb:33:in `login' passenger (2.2.4) lib/phusion_passenger/rack/request_handler.rb:91:in `process_request' passenger (2.2.4) lib/phusion_passenger/abstract_request_handler.rb:206:in `main_loop' passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:376:in `start_request_handler' passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:181:in `spawn_application!' passenger (2.2.4) lib/phusion_passenger/utils.rb:182:in `safe_fork' passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:153:in `spawn_application!' passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:271:in `spawn_rails_application' passenger (2.2.4) lib/phusion_passenger/abstract_server_collection.rb:80:in `synchronize' passenger (2.2.4) lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize' passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:254:in `spawn_rails_application' passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:153:in `spawn_application' passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:286:in `handle_spawn_application' passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:351:in `__send__' passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:351:in `main_loop' passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:195:in `start_synchronously'
History
#1
Updated by Jean-Baptiste Barth about 12 years ago
- Affected version (unused) changed from 0.9.1 to devel
- Affected version deleted (
0.9.1)
Reproduced on current trunk. Actually, it's a URI or ruby-openid defect. Maybe we could find a workaround to avoid 500 error in Redmine.
#2
Updated by Jean-Baptiste Barth about 12 years ago
- Status changed from New to Resolved
- Assignee set to Jean-Baptiste Barth
- Target version set to 1.0.1
- % Done changed from 0 to 100
- Resolution set to Fixed
Sorry, misread the trace on my laptop, the problem is inside our wrapper in vendor/plugins/open_id_authentication. Patch applied in r3933, but there may be other related bugs, don't hesitate to reopen if so.
#3
Updated by Eric Davis about 12 years ago
- Status changed from Resolved to Closed
Merged to 1.0-stable for release in 1.0.1.