ZF2-339: Zend\OpenID\Consumer Generates Illegal 'openid.realm' Values


When calling OpenID->selfUrl() from a directory that is not on the root of the server, it will return a 'openid.realm' value that violates the specification as implemented by several major OpenID providers (tested with and an installation of SimpleID).

The violation include the directory on which call originated from. For example, if the call originates from then the realm will be properly set to '' however, if it originate from '' then the realm will be set to '' which will cause errors with at least OpenID providers.


No comments to display