handling of url redirection
Jonathan Daugherty
cygnus at janrain.com
Sun Feb 24 07:10:29 UTC 2008
> This is what I was getting at- it'd be good to give users an identical
> experience when they sign into various OpenID-enabled apps.
Just to be clear, this is not an interop issue. This is a matter of
drawing the line between what is sane and what is not. For
pathological cases (e.g., excessive redirects) there isn't a sane
interop behavior, only a sane fallback behavior. +1 for
_recommending_ a maximum number of redirects in the spec so
implementors have some idea of what is sane. I think any more than 10
is pathological.
--
Jonathan Daugherty
More information about the specs
mailing list