diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2009-10-26 10:13:33 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-10-26 10:13:33 -0700 |
| commit | f242e046f2c0c3bd35d0d09e05eea166ded7b71d (patch) | |
| tree | b19185876d7be3684ed70a556aaca47e2857ceb9 /src | |
| parent | 6cd69d633f58145e902c75c8660c3f9b4f793899 (diff) | |
| download | DotNetOpenAuth-f242e046f2c0c3bd35d0d09e05eea166ded7b71d.zip DotNetOpenAuth-f242e046f2c0c3bd35d0d09e05eea166ded7b71d.tar.gz DotNetOpenAuth-f242e046f2c0c3bd35d0d09e05eea166ded7b71d.tar.bz2 | |
Fixed retrieval of unprotected callback argument.
Diffstat (limited to 'src')
| -rw-r--r-- | src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs index 940d720..46b6c54 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs @@ -322,7 +322,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { if (this.AuthenticationResponse != null && !this.AuthenticationProcessedAlready) { // Only process messages targeted at this control. // Note that Stateless mode causes no receiver to be indicated. - string receiver = this.AuthenticationResponse.GetCallbackArgument(ReturnToReceivingControlId); + string receiver = this.AuthenticationResponse.GetUntrustedCallbackArgument(ReturnToReceivingControlId); if (receiver == null || receiver == this.ClientID) { this.ProcessResponse(this.AuthenticationResponse); this.AuthenticationProcessedAlready = true; |