Log in

No account? Create an account
LiveJournal Development [entries|archive|friends|userinfo]
LiveJournal Development

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

February 9th, 2007

OpenID, Yadis and the X-XRDS-Location header [Feb. 9th, 2007|02:40 am]
LiveJournal Development


[mood |curiouscurious]

Edit: It turns out I'm wrong about the spec. I should've read it more carefully. It explicitly allows the <meta> tag version of specifying the X-XRDS-Location header. The remainder of this post is unchanged for posterity.

LJ does not return the X-XRDS-Location for a person's LJ OpenID page (i.e. http://username.livejournal.com/). It returns a <meta http-equiv="X-XRDS-Location" content="http://username.livejournal.com/data/yadis" /> tag in the generated page, but not in the headers returned by the webserver.

This isn't very useful. The reason the spec specifies that the header be a webserver header is two-fold:

First an OpenID page may not be HTML at all. It might a JPEG or some other random thing. So you can't count on there being a <meta> tag to use.

Secondly, parsing HTML is hard. People do all kinds of stupid and hairy things with HTML and browsers render it OK, so they don't ever do it right. It's a ridiculous burden to place on an OpenID consumer application to have to parse HTML in order to work.

As proof that LJ does not return the proper X-XRDS-Location header, I submit the following transcript:

It's slightly wideCollapse )

As you can see, no X-XRDS-Location header.

Why is this? Is it going to be fixed anytime soon?

link23 comments|post comment

[ viewing | February 9th, 2007 ]
[ go | Previous Day|Next Day ]