1. Martin von Löwis
  2. openid2rp
  3. Issues
Issue #1 invalid

Protect openid2rp from garbage input

Peter Tröger
created an issue

Web applications might get garbage as OpenID URL input. Please protect the library accordingly, for example by raising a nice error: {{{

!python

Python 2.5.1 (r251:54863, Feb 6 2009, 19:02:12) [GCC 4.0.1 (Apple Inc. build 5465)] on darwin Type "help", "copyright", "credits" or "license" for more information.

import openid2rp url=openid2rp.normalize_uri("garbage") print url ('uri', 'http://garbage/') svc=openid2rp.discover(url) Traceback (most recent call last): File "<stdin>", line 1, in <module> File "openid2rp.py", line 145, in discover scheme, netloc, path, query, fragment = urlparse.urlsplit(url) File "/System/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/urlparse.py", line 194, in urlsplit i = url.find(':') AttributeError: 'tuple' object has no attribute 'find'

}}}

Comments (1)

  1. Log in to comment