[OpenID] HTML-Based Discovery incompatibilities
Andrew Arnott
andrewarnott at gmail.com
Thu Jan 8 16:56:04 UTC 2009
Chris,
While you bring up a good issue, and it is a problem with the libraries, I
would be against building this into the OpenID spec because this is just
following the HTML spec, as you point out. There are many more rules in
HTML that a good RP discovery library should follow (like ignoring commented
out HTML tags, javascript, etc.), and these rules don't belong in the OpenID
spec either, IMO.
FWIW, dotnetopenid is one library that can handle both formats you listed.
But I do not claim that it has a full browser-quality HTML parser. Just
like every library, I imagine, I had to choose how much time to invest in
HTML discovery. Unless there's a decent open-source HTML parser available
for C#, I don't think any C# openid library will ever have "perfect" html
discovery by the HTML spec anyway.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - Voltaire
On Thu, Jan 8, 2009 at 12:58 AM, Chris Messina <chris.messina at gmail.com>wrote:
> I just read over SS 7.3.3 on HTML-Based Discovery [1], and considering my
> experience today trying to re-delegate my OpenID, I've discovered that this
> section needs to updated a clarified.
>
> It turns out that relying parties are not parsing HTML rel values in a
> standard way. That is, if there is more than one rel value provided for a
> link, some RPs fail, whereas others work fine.
>
> In other words, this:
>
> <link rel="openid2.provider openid.server" href="
> http://factoryjoe.com/blog/" />
> <link rel="openid2.local_id openid.delegate" href="
> http://factoryjoe.com/blog/" />
>
> is not the same as this:
>
> <link rel="openid2.provider" href="
> http://factoryjoe.com/blog/?openid_server=1" />
> <link rel="openid2.local_id" href="
> http://factoryjoe.com/blog/author/factoryjoe/" />
> <link rel="openid.server" href="
> http://factoryjoe.com/blog/?openid_server=1" />
> <link rel="openid.delegate" href="
> http://factoryjoe.com/blog/author/factoryjoe/" />
>
> It's my understanding that the rel attribute should be able to contain
> several values.
> But I can tell you that IntenseDebate, for example, failed when delegation
> was setup using the former code. It only worked when I broke out the two
> links into four.
>
> I'm not sure if this is an issue with the libraries or what, but I'd like
> to know if other people have experienced this problem, and if we can improve
> the language in the spec to make sure that people understand that they need
> to look for the presence of an element in a rel value -- not that the
> *entire* value is one element.
>
> Chris
>
> [1] http://openid.net/specs/openid-authentication-2_0.html#html_disco
>
> --
> Chris Messina
> Citizen-Participant &
> Open Web Advocate-at-Large
>
> factoryjoe.com # diso-project.org
> citizenagency.com # vidoop.com
> This email is: [ ] bloggable [X] ask first [ ] private
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090108/8ff2e000/attachment-0002.htm>
More information about the general
mailing list