From 17504d018083f2a1dd2ea6a7453f0ffa5dddbc0c Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 17 Jun 2008 11:20:51 -0400 Subject: [PATCH] fixup & darcs-hash:20080617152051-84dde-bc311c05a6cb15cdc5ac52f56964fa98f42f3927.gz --- actions/openidlogin.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/actions/openidlogin.php b/actions/openidlogin.php index a9fbf7a26d..5d0537998d 100644 --- a/actions/openidlogin.php +++ b/actions/openidlogin.php @@ -113,7 +113,12 @@ class OpenidloginAction extends Action { $form_id = 'openid_message'; $form_html = $auth_request->formMarkup($trust_root, $process_url, false, array('id' => $form_id)); - + + # XXX: This is cheap, but things choke if we don't escape ampersands + # in the HTML attributes + + $form_html = preg_replace('/&/', '&', $form_html); + // Display an error if the form markup couldn't be generated; // otherwise, render the HTML. if (Auth_OpenID::isFailure($form_html)) { -- 2.39.5