Merge branch 'v3.0' into v3.1

11 files changed, 170 insertions, 111 deletions

diff --git a/samples/DotNetOpenAuth.ApplicationBlock/CustomExtensions/AcmeRequest.cs b/samples/DotNetOpenAuth.ApplicationBlock/CustomExtensions/AcmeRequest.cs
index e3effdf..8859c10 100644
--- a/samples/DotNetOpenAuth.ApplicationBlock/CustomExtensions/AcmeRequest.cs
+++ b/samples/DotNetOpenAuth.ApplicationBlock/CustomExtensions/AcmeRequest.cs
@@ -8,12 +8,15 @@ namespace DotNetOpenAuth.ApplicationBlock.CustomExtensions {
 	using System;
 	using System.Collections.Generic;
 	using System.Linq;
-	using System.Text;
+	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.OpenId.Messages;
 
 	public class AcmeRequest : IOpenIdMessageExtension {
 		private IDictionary<string, string> extraData = new Dictionary<string, string>();
 
+		[MessagePart]
+		public string FavoriteFlavor { get; set; }
+
 		#region IOpenIdMessageExtension Members
 
 		public string TypeUri {
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/CustomExtensions/AcmeResponse.cs b/samples/DotNetOpenAuth.ApplicationBlock/CustomExtensions/AcmeResponse.cs
index 62551e6..1e6748c 100644
--- a/samples/DotNetOpenAuth.ApplicationBlock/CustomExtensions/AcmeResponse.cs
+++ b/samples/DotNetOpenAuth.ApplicationBlock/CustomExtensions/AcmeResponse.cs
@@ -8,13 +8,16 @@ namespace DotNetOpenAuth.ApplicationBlock.CustomExtensions {
 	using System;
 	using System.Collections.Generic;
 	using System.Linq;
-	using System.Text;
+	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.OpenId.Messages;
 
 	[Serializable]
 	public class AcmeResponse : IOpenIdMessageExtension {
 		private IDictionary<string, string> extraData = new Dictionary<string, string>();
 
+		[MessagePart]
+		public string FavoriteIceCream { get; set; }
+
 		#region IOpenIdMessageExtension Members
 
 		/// <summary>
diff --git a/samples/OAuthConsumer/Web.config b/samples/OAuthConsumer/Web.config
index fc4c7dc..c3a808a 100644
--- a/samples/OAuthConsumer/Web.config
+++ b/samples/OAuthConsumer/Web.config
@@ -1,6 +1,7 @@
 <?xml version="1.0"?>
 <configuration>
 	<configSections>
+		<section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
 		<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
 		<sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
 			<sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
@@ -14,6 +15,25 @@
 			</sectionGroup>
 		</sectionGroup>
 	</configSections>
+
+	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+	<uri>
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
 	<appSettings>
 		<!-- Fill in your various consumer keys and secrets here to make the sample work. -->
 		<!-- You must get these values by signing up with each individual service provider. -->
@@ -26,10 +46,6 @@
 	</appSettings>
 	<connectionStrings/>
 
-	<system.net>
-		<defaultProxy enabled="true" />
-	</system.net>
-
 	<system.web>
 		<!-- 
             Set compilation debug="true" to insert debugging 
diff --git a/samples/OAuthConsumerWpf/App.config b/samples/OAuthConsumerWpf/App.config
index 2f849e4..aef423e 100644
--- a/samples/OAuthConsumerWpf/App.config
+++ b/samples/OAuthConsumerWpf/App.config
@@ -1,9 +1,28 @@
 <?xml version="1.0" encoding="utf-8" ?>
 <configuration>
 	<configSections>
+		<section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
 		<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
 	</configSections>
 
+	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+	<uri>
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
 	<appSettings>
 		<!-- Fill in your various consumer keys and secrets here to make the sample work. -->
 		<!-- You must get these values by signing up with each individual service provider. -->
@@ -16,10 +35,6 @@
 		<add key="googleConsumerCertificatePassword" value=""/>
 	</appSettings>
 
-	<system.net>
-		<defaultProxy enabled="true" />
-	</system.net>
-
 	<log4net>
 		<appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
 			<file value="Testing.log" />
diff --git a/samples/OAuthServiceProvider/Web.config b/samples/OAuthServiceProvider/Web.config
index 8fad999..894ad38 100644
--- a/samples/OAuthServiceProvider/Web.config
+++ b/samples/OAuthServiceProvider/Web.config
@@ -1,6 +1,7 @@
 <?xml version="1.0"?>
 <configuration>
 	<configSections>
+		<section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
 		<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/>
 		<sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
 			<sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
@@ -14,16 +15,31 @@
 			</sectionGroup>
 		</sectionGroup>
 	</configSections>
+
+	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+	<uri>
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
 	<appSettings/>
 	<connectionStrings>
   <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True"
    providerName="System.Data.SqlClient" />
  </connectionStrings>
 
-	<system.net>
-		<defaultProxy enabled="true" />
-	</system.net>
-
 	<system.web>
 		<!-- 
             Set compilation debug="true" to insert debugging 
diff --git a/samples/OpenIdProviderMvc/Web.config b/samples/OpenIdProviderMvc/Web.config
index 208e827..7b078ef 100644
--- a/samples/OpenIdProviderMvc/Web.config
+++ b/samples/OpenIdProviderMvc/Web.config
@@ -24,6 +24,25 @@
 			</sectionGroup>
 		</sectionGroup>
 	</configSections>
+
+	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+	<uri>
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
 	<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
 	<dotNetOpenAuth>
 		<openid>
@@ -44,23 +63,6 @@
 	</dotNetOpenAuth>
 	<appSettings/>
 
-	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
-	     which is necessary for OpenID urls with unicode characters in the domain/host name. -->
-	<uri>
-		<idn enabled="All" />
-		<iriParsing enabled="true" />
-	</uri>
-
-	<system.net>
-		<defaultProxy enabled="true" />
-		<settings>
-			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
-			     before trusting HTTPS certificates.  But this setting tends to not 
-			     be allowed in shared hosting environments. -->
-			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
-		</settings>
-	</system.net>
-
 	<system.web>
 		<!-- 
             Set compilation debug="true" to insert debugging 
diff --git a/samples/OpenIdProviderWebForms/Default.aspx b/samples/OpenIdProviderWebForms/Default.aspx
index b216d51..c1c948e 100644
--- a/samples/OpenIdProviderWebForms/Default.aspx
+++ b/samples/OpenIdProviderWebForms/Default.aspx
@@ -21,6 +21,8 @@
 			}
 
 			var bookmarkUrl = document.location + "?rp=" + encodeURIComponent(rpRealm);
+			var bookmarkParagraph = document.getElementById('bookmarkParagraph');
+			var bookmark = document.getElementById('bookmark');
 			bookmarkParagraph.style.display = '';
 			bookmark.href = bookmarkUrl;
 			bookmark.innerHTML = bookmarkUrl;
diff --git a/samples/OpenIdProviderWebForms/Web.config b/samples/OpenIdProviderWebForms/Web.config
index 04d0416..7626751 100644
--- a/samples/OpenIdProviderWebForms/Web.config
+++ b/samples/OpenIdProviderWebForms/Web.config
@@ -24,6 +24,25 @@
 			</sectionGroup>
 		</sectionGroup>
 	</configSections>
+
+	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+	<uri>
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
 	<!-- this is an optional configuration section where aspects of dotnetopenid can be customized -->
 	<dotNetOpenAuth>
 		<openid>
@@ -41,22 +60,6 @@
 			</untrustedWebRequest>
 		</messaging>
 	</dotNetOpenAuth>
-	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
-	     which is necessary for OpenID urls with unicode characters in the domain/host name. -->
-	<uri>
-		<idn enabled="All"/>
-		<iriParsing enabled="true"/>
-	</uri>
-
-	<system.net>
-		<defaultProxy enabled="true" />
-		<settings>
-			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
-			     before trusting HTTPS certificates.  But this setting tends to not 
-			     be allowed in shared hosting environments. -->
-			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
-		</settings>
-	</system.net>
 
 	<system.web>
 		<!-- 
diff --git a/samples/OpenIdRelyingPartyMvc/Web.config b/samples/OpenIdRelyingPartyMvc/Web.config
index d865be1..ba97122 100644
--- a/samples/OpenIdRelyingPartyMvc/Web.config
+++ b/samples/OpenIdRelyingPartyMvc/Web.config
@@ -24,6 +24,24 @@
 		</sectionGroup>
 	</configSections>
 
+	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+	<uri>
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
 	<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
 	<dotNetOpenAuth>
 		<openid>
@@ -41,32 +59,15 @@
 		</messaging>
 	</dotNetOpenAuth>
 
-	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
-	     which is necessary for OpenID urls with unicode characters in the domain/host name. -->
-	<uri>
-		<idn enabled="All" />
-		<iriParsing enabled="true" />
-	</uri>
-
-	<system.net>
-		<defaultProxy enabled="true" />
-		<settings>
-			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
-			     before trusting HTTPS certificates.  But this setting tends to not 
-			     be allowed in shared hosting environments. -->
-			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
-		</settings>
-	</system.net>
-
 	<appSettings/>
 	<connectionStrings/>
 	<system.web>
 		<!-- 
-            Set compilation debug="true" to insert debugging 
-            symbols into the compiled page. Because this 
-            affects performance, set this value to true only 
-            during development.
-    -->
+			Set compilation debug="true" to insert debugging 
+			symbols into the compiled page. Because this 
+			affects performance, set this value to true only 
+			during development.
+		-->
 		<compilation debug="true">
 			<assemblies>
 				<add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
@@ -80,26 +81,26 @@
 			</assemblies>
 		</compilation>
 		<!--
-            The <authentication> section enables configuration 
-            of the security authentication mode used by 
-            ASP.NET to identify an incoming user. 
-    -->
+			The <authentication> section enables configuration 
+			of the security authentication mode used by 
+			ASP.NET to identify an incoming user. 
+		-->
 		<authentication mode="Forms">
 			<forms defaultUrl="/Home" loginUrl="/User/Login" name="OpenIdRelyingPartyMvcSession"/>
 			<!-- named cookie prevents conflicts with other samples -->
 		</authentication>
 		<!--
-            The <customErrors> section enables configuration 
-            of what to do if/when an unhandled error occurs 
-            during the execution of a request. Specifically, 
-            it enables developers to configure html error pages 
-            to be displayed in place of a error stack trace.
+					The <customErrors> section enables configuration 
+					of what to do if/when an unhandled error occurs 
+					during the execution of a request. Specifically, 
+					it enables developers to configure html error pages 
+					to be displayed in place of a error stack trace.
 
-        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
-            <error statusCode="403" redirect="NoAccess.htm" />
-            <error statusCode="404" redirect="FileNotFound.htm" />
-        </customErrors>
-    -->
+			<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
+				<error statusCode="403" redirect="NoAccess.htm" />
+				<error statusCode="404" redirect="FileNotFound.htm" />
+			</customErrors>
+		-->
 		<pages>
 			<controls>
 				<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
@@ -119,6 +120,7 @@
 			<add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
 			<add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
 			<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/>
+			<add verb="*" path="*.mvc" validate="false" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
 		</httpHandlers>
 		<httpModules>
 			<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
@@ -140,9 +142,9 @@
 	</system.codedom>
 	<system.web.extensions/>
 	<!-- 
-        The system.webServer section is required for running ASP.NET AJAX under Internet
-        Information Services 7.0.  It is not necessary for previous version of IIS.
-  -->
+		The system.webServer section is required for running ASP.NET AJAX under Internet
+		Information Services 7.0.  It is not necessary for previous version of IIS.
+	-->
 	<system.webServer>
 		<validation validateIntegratedModeConfiguration="false"/>
 		<modules runAllManagedModulesForAllRequests="true">
@@ -156,12 +158,13 @@
 			<remove name="ScriptHandlerFactory"/>
 			<remove name="ScriptHandlerFactoryAppServices"/>
 			<remove name="ScriptResource"/>
+			<remove name="MvcHttpHandler" />
+			<remove name="UrlRoutingHandler" />
 			<add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
 			<add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
 			<add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
-			<add name="MvcScriptMap" preCondition="classicMode,bitness32" verb="*" path="*.mvc" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll"/>
-			<add name="MvcScriptMap64" preCondition="classicMode,bitness64" verb="*" path="*.mvc" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll"/>
-			<add name="UrlRoutingHandler" preCondition="integratedMode" verb="*" path="UrlRouting.axd" type="System.Web.Routing.UrlRoutingHandler, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
+			<add name="MvcHttpHandler" preCondition="integratedMode" verb="*" path="*.mvc" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
+			<add name="UrlRoutingHandler" preCondition="integratedMode" verb="*" path="UrlRouting.axd" type="System.Web.HttpForbiddenHandler, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
 		</handlers>
 	</system.webServer>
 </configuration>
diff --git a/samples/OpenIdRelyingPartyWebForms/Web.config b/samples/OpenIdRelyingPartyWebForms/Web.config
index daca5cd..2a13828 100644
--- a/samples/OpenIdRelyingPartyWebForms/Web.config
+++ b/samples/OpenIdRelyingPartyWebForms/Web.config
@@ -6,6 +6,24 @@
 		<section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/>
 	</configSections>
 
+	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+	<uri>
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
 	<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
 	<dotNetOpenAuth>
 		<openid>
@@ -33,23 +51,6 @@
 		<add key="googleConsumerSecret" value="5Yv1TfKm1551QrXZ9GpqepeD"/>
 	</appSettings>
 
-	<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
-	     which is necessary for OpenID urls with unicode characters in the domain/host name. -->
-	<uri>
-		<idn enabled="All" />
-		<iriParsing enabled="true" />
-	</uri>
-
-	<system.net>
-		<defaultProxy enabled="true" />
-		<settings>
-			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
-			     before trusting HTTPS certificates.  But this setting tends to not 
-			     be allowed in shared hosting environments. -->
-			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
-		</settings>
-	</system.net>
-
 	<system.web>
 		<!--<sessionState cookieless="true" />-->
 		<compilation debug="true"/>
diff --git a/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx.cs b/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx.cs
index fe73b7e..ed11148 100644
--- a/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx.cs
+++ b/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx.cs
@@ -41,11 +41,6 @@
 				// was not a valid OpenID endpoint.
 				this.openidValidator.Text = ex.Message;
 				this.openidValidator.IsValid = false;
-			} catch (WebException ex) {
-				// The user probably entered an Identifier that 
-				// was not a valid OpenID endpoint.
-				this.openidValidator.Text = ex.Message;
-				this.openidValidator.IsValid = false;
 			}
 		}