Protect openid2rp from garbage input

Issue #1 invalid
Peter Tröger
created an issue

Web applications might get garbage as OpenID URL input. Please protect the library accordingly, for example by raising a nice error: {{{


Python 2.5.1 (r251:54863, Feb 6 2009, 19:02:12) [GCC 4.0.1 (Apple Inc. build 5465)] on darwin Type "help", "copyright", "credits" or "license" for more information.

import openid2rp url=openid2rp.normalize_uri("garbage") print url ('uri', 'http://garbage/') Traceback (most recent call last): File "<stdin>", line 1, in <module> File "", line 145, in discover scheme, netloc, path, query, fragment = urlparse.urlsplit(url) File "/System/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/", line 194, in urlsplit i = url.find(':') AttributeError: 'tuple' object has no attribute 'find'


Comments (1)

  1. Log in to comment