Opened 9 years ago
OpenID fails with https site
|Reported by:||sazius||Owned by:|
When I try to log in with OpenID on my Mediagoblin site it fails with the following error:
Verification of None failed: return_to does not match return URL. Expected u'https://media.saz.im/auth/openid/login/finish/', got u'http://media.saz.im/auth/openid/login/finish/?janrain_nonce=SIKRITSTUFF'
where I have replaced the nonce with SIKRITSTUFF just to be sure :-)
In the file plugins/openid/views.py line 52 looks like this:
host = 'http://' + request.host
If I replace the "http" with "https" here OpenID works. My server does have automatic rewrite of http => https so that is not the problem. So perhaps it is possible to detect if we are serving over https and setting that accordingly?