[project @ Update NEWS, add specific error to complete() with query as first parameter]

author: tailor <cygnus@janrain.com> 2007-11-27 22:22:14 +0000
committer: tailor <cygnus@janrain.com> 2007-11-27 22:22:14 +0000
commit: 350de628a743e433c2abf42c0e4d752e8a587984 (patch)
tree: e2ca8cd790a1ceb3fa1178c5860f82eeb2dd5947 /NEWS
parent: 691ad461b09f249f2cbd4614c68576ebb303ea2f (diff)
download: php-openid-350de628a743e433c2abf42c0e4d752e8a587984.zip
php-openid-350de628a743e433c2abf42c0e4d752e8a587984.tar.gz
php-openid-350de628a743e433c2abf42c0e4d752e8a587984.tar.bz2
1 files changed, 5 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 0bfe3ee..fb604f6 100644
--- a/NEWS
+++ b/NEWS
@@ -44,9 +44,12 @@ If you cannot run the Python script, you can re-create your store by
 dropping the tables in the store and calling createTables() on the
 store object.
 
-Consumers should now pass an additional parameter to
+Consumers should now pass the consumer return_to URL to
 Auth_OpenID_Consumer::complete() to defend against return_to URL
-tampering.
+tampering.  This has REPLACED the old parameter, $query.  $query is
+now a second optional parameter.  It is STRONGLY RECOMMENDED that you
+never override $query, since the OpenID library uses its own logic to
+sidestep PHP's broken request-processing code.
 
 
 Summary of API Changes
author	tailor <cygnus@janrain.com>	2007-11-27 22:22:14 +0000
committer	tailor <cygnus@janrain.com>	2007-11-27 22:22:14 +0000
commit	350de628a743e433c2abf42c0e4d752e8a587984 (patch)
tree	e2ca8cd790a1ceb3fa1178c5860f82eeb2dd5947 /NEWS
parent	691ad461b09f249f2cbd4614c68576ebb303ea2f (diff)
download	php-openid-350de628a743e433c2abf42c0e4d752e8a587984.zip php-openid-350de628a743e433c2abf42c0e4d752e8a587984.tar.gz php-openid-350de628a743e433c2abf42c0e4d752e8a587984.tar.bz2