Permalink
Switch branches/tags
Nothing to show
Commits on Oct 14, 2010
  1. Fixed a bug in Message.toPostArgs() related to UTF-8 encoded values.

    In generating the argument dictionary the .toPostArgs() method (apparently)
    assumed that values were all Unicode objects and called
    ``value.encode('utf-8')`` on them unconditionally. However, the values appear
    to be a mixed set of Unicode objects and UTF-8 encoded strings (most being of
    the latter group).
    
    Calling .encode('utf-8') on a string will implicitly decode the string into a
    Unicode object before encoding it to the selected encoding. This automatic
    decoding happens using the ``sys.getdefaultencoding()`` encoding which is by
    default 'ascii'. The original call therefore works only as long as the values
    are 7-bit ASCII and breaks when they contain higher bit characters.
    
    The patch ensures that the resulting values in the returned dictionary are
    UTF-8 encoded strings regardless if the input values were Unicode objects or
    UTF-8 strings.
    dokai committed Oct 14, 2010
  2. Fixed a bug in Message.toFormMarkup() related to encoding UTF-8 encod…

    …ed form values.
    
    The .toFormMarkup() method that generates a <form> HTML structure had a bug
    when the form field values contained UTF-8 encoded strings with characters
    outside the 7-bit ASCII space.
    
    If the lxml implementation of the ElementTree API was in use these values
    would result in a ValueError being raised (ValueError: All strings must be XML
    compatible: Unicode or ASCII, no NULL bytes or control characters). If the
    stdlib implementation of ElementTree was used these characters were silently
    replaced by their XML character reference equivalents (&#XXX;).
    
    This patch generates the form using Unicode values for everything and then
    serializes the form to a UTF-8 encoded string ensuring that the final form is
    what is expected and constant regardless of the ElementTree API
    implementation.
    dokai committed Oct 14, 2010
Commits on Sep 16, 2010
  1. Set safe flag on html/form element so that the html won't be escaped,…

    … which happens by default in the latest versions of Django.
    unknown committed Sep 16, 2010
  2. Corrected dictionary entries in the method normalDict, which was only…

    … inserting the first character for each value.
    unknown committed Sep 16, 2010
Commits on Sep 15, 2010
  1. clean whitespace

    temoto committed Sep 15, 2010
Commits on Jul 19, 2010
  1. Fix timing attack against signature comparison

    Carl Howells committed with lillialexis Jul 19, 2010
  2. whitespace

    Carl Howells committed with lillialexis Jul 19, 2010
  3. Fix permissions on tools

    Carl Howells committed with lillialexis Jul 19, 2010
Commits on Jun 18, 2010
  1. contrib/associate: new script to make an association request

        and print the results.
    Kevin Turner committed with lillialexis Mar 31, 2010
  2. Bump version to 2.2.5

    Grant Monroe committed with lillialexis Jun 18, 2010
  3. Fix download_url in setup.py

    Grant Monroe committed with lillialexis Jun 18, 2010
Commits on Mar 16, 2010
  1. Removed/changed references to openidenabled.com. At this time, not ev…

    …ery reference has been updated.
    Lilli committed Mar 16, 2010
Commits on Feb 12, 2010
  1. Added the following patch from the dev@openidenabled.com mailing list:

    http://lists.openidenabled.com/pipermail/dev/attachments/20090401/b0bd173c/attachment.bin
    
    Original Message:
    seth at lindenlab.com
    Wed Apr 1 16:29:08 PDT 2009
    darcs patch: 100-continue-in-parseHeaders
    
    	"In my openid testbed, if:
    	(1) my RP and OP establish a session
    	(2) the OP's session database is deleted
    	(3) the RP tries to validate an identity
    	(4) the OP's response includes invalidate_handle
    
    	then the RP ends up POSTing to the OP.  During this interaction, curl
    	sets the Expect: 100-Continue header, and apache2 reacts to it.  Then,
    	CurlHTTPFetcher._parseHeaders gets confused -- it strips off the first
    	line (the HTTP/1.1 100 Continue line), then sees a blank line, and
    	assumes there are no headers.  One way to fix this is to add
    
    		LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
    		RequestHeader unset Expect early
    
    	to the apache2 config on the OP, but this patch also worked."
    
    This patch was in the form of a Darcs patch, not a normal patch.  So solve this, I applied it to the Darcs repository found on openidenabled, then created a new diff file between the original Darcs repo and the new one (with the patch applied) so that I could apply it to this git repo.
    
    All hunks succeeded
    Lilli committed Feb 12, 2010
Commits on Feb 11, 2010
  1. Added the following patch from the dev@openidenabled.com mailing list:

    http://lists.openidenabled.com/pipermail/dev/attachments/20091101/9a551153/attachment.bin
    
    Original Message:
    Christopher Armstrong radix at twistedmatrix.com
    Mon Dec 17 07:06:01 PST 2007
    consumer docstring wording
    
    	"I couldn't figure out how to use "darcs send" in five minutes (and I
    	doubt it would work because my ISP blocks port 25), so here's an
    	attached patch with some obvious grammatical fixes to the docstring of
    	consumer.py.
    
    	--
    	Christopher Armstrong
    	International Man of Twistery ..."
    
    Simple patch to correct typos; all hunks succeeded.
    Lilli committed Feb 11, 2010
Commits on Jan 30, 2010
  1. Removing darcs-ignore

    Lilli committed Jan 30, 2010
  2. Trying again to commit openid/oidutil.py

    Lilli committed Jan 30, 2010
  3. Deleting files that were copied in the tailor conversion from darcs t…

    …o git, and committing changes to openid/oidutil.py that weren't committed during tailor due to tailor error
    Lilli committed Jan 30, 2010
Commits on Apr 22, 2009
  1. [project @ Set version to 2.2.4]

    Ignore-this: a066625460741847b75217363da721fb
    tailor committed Apr 22, 2009
  2. [project @ Add missing openid.extensions.draft to setup.py]

    Ignore-this: 5ceefd2763ffa9ebc1758e2262cfb686
    tailor committed Apr 22, 2009
  3. [project @ Set version to 2.2.3; ignore 2.2.2 due to repository incon…

    …sistency]
    
    Ignore-this: 7fdee14054840f51e350e656dfb92274
    tailor committed Apr 22, 2009
  4. [project @ Fix version string]

    Ignore-this: b31741114f52c6f3846dd5b3b5bcfe4e
    tailor committed Apr 22, 2009
Commits on Apr 20, 2009
  1. [project @ Consumer: require that op_endpoint be signed in id_res res…

    …ponses]
    
    Ignore-this: ed18f1a60982df1fcb457299069c74bc
    tailor committed Apr 20, 2009
Commits on Dec 19, 2008
  1. [project @ Normalize XRIs when doing discovery in accordance with the…

    … OpenID 2 spec]
    tailor committed Dec 19, 2008
Commits on Dec 8, 2008
  1. [project @ Correct hashlib issue (thanks: Andr� Cruz <andre.cruz at c…

    …o.sapo.pt>)]
    tailor committed Dec 8, 2008
Commits on Oct 31, 2008
  1. [project @ python 2.3 does not have assertTrue]

    Kevin Turner committed Oct 31, 2008
  2. [project @ Remove range headers from requests]

    tailor committed Oct 31, 2008
Commits on Oct 13, 2008