The OpenID module currently sends a trust_root (or realm) value ending in an asterisk (in the path). For example, it sends "http://www.example.com/*". Wildcards are only valid in the authority section of the value. Wildcards in the path will cause return_to / realm checks to fail.

Comments

walkah’s picture

walkah commented
Status: Active » Patch (to be ported)

Fixed in HEAD ... awaiting backport to 5.x

walkah’s picture

walkah commented
Status: Patch (to be ported) » Fixed

backported.

Anonymous’s picture

(not verified) commented
Status: Fixed » Closed (fixed)