diff options
Diffstat (limited to 'projecttemplates/MvcRelyingParty/Controllers/AccountController.cs')
| -rw-r--r-- | projecttemplates/MvcRelyingParty/Controllers/AccountController.cs | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/projecttemplates/MvcRelyingParty/Controllers/AccountController.cs b/projecttemplates/MvcRelyingParty/Controllers/AccountController.cs index af0cbb8..33217e9 100644 --- a/projecttemplates/MvcRelyingParty/Controllers/AccountController.cs +++ b/projecttemplates/MvcRelyingParty/Controllers/AccountController.cs @@ -93,7 +93,7 @@ /// because some OpenID positive assertions messages otherwise look like /// hack attempts and result in errors when validation is turned on. /// </remarks> - [AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post), ValidateInput(false)] + [AcceptVerbs(HttpVerbs.Post), ValidateInput(false)] public ActionResult LogOnPostAssertion(string openid_openidAuthData) { IAuthenticationResponse response; if (!string.IsNullOrEmpty(openid_openidAuthData)) { @@ -114,7 +114,7 @@ case AuthenticationStatus.Authenticated: var token = RelyingPartyLogic.User.ProcessUserLogin(response); this.FormsAuth.SignIn(token.ClaimedIdentifier, false); - string returnUrl = response.GetUntrustedCallbackArgument("returnUrl"); + string returnUrl = Request.Form["returnUrl"]; if (!String.IsNullOrEmpty(returnUrl)) { return Redirect(returnUrl); } else { |