diff options
| -rw-r--r-- | Build.PL | 3 | ||||
| -rw-r--r-- | lib/PAUSE/OpenID/Controller/Root.pm | 5 |
2 files changed, 7 insertions, 1 deletions
@@ -13,12 +13,13 @@ my $builder = Module::Build->new( 'perl' => '5.010', 'Catalyst::Runtime' => '5.7014', 'Net::OpenID::Server' => '1.02', - 'Catalyst::View::XSLT' => 0, + 'Catalyst::View::XSLT' => '0', 'Catalyst::Plugin::Cache::Memcached' => '0.6', 'Catalyst::Plugin::Session' => '0', 'Catalyst::Plugin::Session::State::Cookie' => '0', 'Catalyst::Plugin::Session::Store::FastMmap' => '0', 'Crypt::SSLeay' => '0', + 'Regexp::Common' => '0', }, add_to_cleanup => ['PAUSE-OpenID-*'], diff --git a/lib/PAUSE/OpenID/Controller/Root.pm b/lib/PAUSE/OpenID/Controller/Root.pm index 387429e..c707cf8 100644 --- a/lib/PAUSE/OpenID/Controller/Root.pm +++ b/lib/PAUSE/OpenID/Controller/Root.pm @@ -5,6 +5,7 @@ use warnings; use parent 'Catalyst::Controller'; use LWP::UserAgent; +use Regexp::Common qw /URI/; # # Sets the actions in this controller to be registered with no prefix @@ -41,6 +42,10 @@ sub index :Path :Args(0) { #$c->flash->{xml} = '<document><error_message>Missing parameter</error_message></document>'; $c->res->redirect($c->uri_for('/error')); } + elsif ( $return_to !~ /$RE{URI}{HTTP}/ ) { #{'-scheme'=>'P'} + #$c->flash->{xml} = '<document><error_message>Invalid URI</error_message></document>'; + $c->res->redirect($c->uri_for('/error')); + } # TODO: generate XML programatically $c->stash->{xml} = sprintf('<document><config key="url" value="%s"/></document>', $c->config->{'PAUSE::OpenID'}{'baseurl'}); |