diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/IndirectSignedResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/IndirectSignedResponse.cs
index 8bceb680dc..1242b20f8a 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/IndirectSignedResponse.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/IndirectSignedResponse.cs
@@ -404,8 +404,8 @@ internal IndirectSignedResponse(Version version, Uri relyingPartyReturnTo)
IsQuerySubsetOf(this.Recipient.Query, this.ReturnTo.Query),
OpenIdStrings.ReturnToParamDoesNotMatchRequestUrl,
Protocol.openid.return_to,
- this.ReturnTo,
- this.Recipient);
+ this.ReturnTo.AbsoluteUri,
+ this.Recipient.AbsoluteUri);
}
}
}
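Review bot: The two added argument lines switch to `AbsoluteUri` without a comment saying why, so a later cleanup could revert them as redundant. `Uri.ToString()` returns an unescaped form while `AbsoluteUri` keeps percent-escapes, which matters because the return_to value presumably comes from the incoming message and ends up in an error string. I would add above them `// AbsoluteUri keeps the escaped form; Uri.ToString() unescapes and can render a misleading URL in the message.` The enclosing verification call begins outside this hunk, so it is not visible here whether the formatted message is later logged or shown to a user; if it is, that sink should still encode it.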
diff --git a/src/DotNetOpenAuth.OpenId/Xrds/XrdsDocument.cs b/src/DotNetOpenAuth.OpenId/Xrds/XrdsDocument.cs
index 0e1ecc176e..a0c59c4b88 100644
--- a/src/DotNetOpenAuth.OpenId/Xrds/XrdsDocument.cs
+++ b/src/DotNetOpenAuth.OpenId/Xrds/XrdsDocument.cs
@@ -54,7 +54,7 @@ public XrdsDocument(XmlReader reader)
/// The text that is the XRDS document.
[SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "Fixing would decrease readability, and not likely avoid any finalizer on a StringReader anyway.")]
public XrdsDocument(string xml)
- : this(new XPathDocument(new StringReader(xml)).CreateNavigator()) { }
+ : this(new XPathDocument(XmlReader.Create(new StringReader(xml), MessagingUtilities.CreateUntrustedXmlReaderSettings())).CreateNavigator()) { }
///
/// Gets the XRD child elements of the document.
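Review bot: The `SuppressMessage` justification above the constructor is now stale, because it only covers the `StringReader` while the new line also creates an `XmlReader` that is never disposed. Something like `Justification = "Neither the StringReader nor the wrapping XmlReader holds unmanaged resources."` would keep the suppression honest. The doc comment should also say that `xml` is treated as untrusted and parsed with `MessagingUtilities.CreateUntrustedXmlReaderSettings()`, so nobody simplifies this back to a bare `XPathDocument(TextReader)`. The sibling `XrdsDocument(XmlReader reader)` overload named in the hunk header takes a caller-built reader, so its callers need the same settings; that cannot be checked from this hunk.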