[Openid-specs-ab] FYI: iOS6 changed custom schema priority rule

Nat Sakimura sakimura at gmail.com
Thu Oct 25 08:06:32 UTC 2012


Thanks!

It is a new attack vector :-(

On Thu, Oct 25, 2012 at 3:33 PM, nov matake <nov at matake.jp> wrote:

> Hi,
>
> When testing NRI's self-issued OP, I noticed iOS6 changed custom schema
> priority rule.
>
> I have my own iOS app which registered "openid://" schema.
> In iOS5, the FIRST app which registered a custom schema is given priority
> over the others which registered the same schema later.
> So my self-issued OP is always used until uninstalled.
>
> However, iOS6 seems changed the rule.
> In iOS6, the LATEST app gets priority.
> If an user installed 2nd self-issued OP, 1st one is never used until 2nd
> one is uninstalled.
> It means after installed 2nd self-issued OP, the user loses accounts
> access registered by 1st one.
>
> I have no idea how to avoid this issue now, but for your information.
>
> nov
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>



-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20121025/d2fb7204/attachment.html>


More information about the Openid-specs-ab mailing list