On Fri, May 25, 2018 at 11:24:08AM +1000, Alex Eng wrote:
> > I don't think Fedora's OpenID login has this flaw. Would it be possible
> > to allow OpenID login for white-listed providers which are known to be
> > well-behaved?
> Unfortunately, Fedora's OpenID returns HTTP even when the request is with
> HTTPS.
Does it? Let me check with the infrastructure team about getting that
fixed.
--
Matthew Miller
<mattdm@fedoraproject.org>
Fedora Project Leader
_______________________________________________
trans mailing list -- trans@lists.fedoraproject.org
To unsubscribe send an email to trans-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/trans@lists.fedoraproject.org/message/UDY7IAMGBM4W3JM4JS2AIXQE66Z5Z5QD/
No comments:
Post a Comment