Edit: It turns out I'm wrong about the spec. I should've read it more carefully. It explicitly allows the
<meta> tag version of specifying the X-XRDS-Location header. The remainder of this post is unchanged for posterity.
LJ does not return the
X-XRDS-Location for a person's LJ OpenID page (i.e. http://username.livejournal.com/). It returns a
<meta http-equiv="X-XRDS-Location" content="http://username.livejournal.com/data/yadis" /> tag in the generated page, but not in the headers returned by the webserver.
This isn't very useful. The reason the spec specifies that the header be a webserver header is two-fold:
First an OpenID page may not be HTML at all. It might a JPEG or some other random thing. So you can't count on there being a
<meta> tag to use.
Secondly, parsing HTML is hard. People do all kinds of stupid and hairy things with HTML and browsers render it OK, so they don't ever do it right. It's a ridiculous burden to place on an OpenID consumer application to have to parse HTML in order to work.
As proof that LJ does not return the proper
X-XRDS-Location header, I submit the following transcript:
$ telnet omnifarious.livejournal.com 80 Trying 18.104.22.168... Connected to omnifarious.livejournal.com (22.214.171.124). Escape character is '^]'. GET / HTTP/1.1 Host: omnifarious.livejournal.com Connection: close HTTP/1.0 200 OK Date: Fri, 09 Feb 2007 10:35:54 GMT Server: Apache Set-Cookie: ljuniq=obscured_so_you_cant_hack_me expires=sometime; domain=.livejournal.com; path=/ Cache-Control: private, proxy-revalidate Vary: Accept-Encoding Content-length: 43896 Connection: close Content-Type: text/html; charset=utf-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> blah.... blah... blah...
As you can see, no
Why is this? Is it going to be fixed anytime soon?