17
edits
Changes
Adding bit about taint problem in OpenID library
* How should createaccount.cgi modification be done?
** It's tempting to restructure this code, creating a new Bugzilla->create_account($cgi) method, and moving the current code into Bugzilla/Auth/Login/WWW/CGI.pm . Current version just relies on existing code, pretty much unmodified, so you must sign up for an account using old-fashioned means, and then associate an OpenID in the prefs.
* OpenID::Consumer library v0.11 (perl) fails taint check
** [http://lists.danga.com/pipermail/yadis/2005-June/thread.html#951 Taint safety discussion on OpenID dev list]
== Other Links ==
* [http://comments.gmane.org/gmane.comp.bug-tracking.bugzilla.devel/4695 Discussion 2005-06-27 - Initial exploratory discussion on developers@bugzilla.org]
* [https://bugzilla.mozilla.org/show_bug.cgi?id=294608 Bugzilla ticket for OpenID support]
* [http://listscomments.dangagmane.comorg/pipermail/yadisgmane.comp.bug-tracking.bugzilla.devel/4706 2005-June/thread.html#951 Taint safety 07-01 - Design discussion on OpenID dev listdevelopers@bugzilla.org]
