I don't think Fedora's OpenID login has this flaw. Would it be possible
to allow OpenID login for white-listed providers which are known to be
well-behaved?
Unfortunately, Fedora's OpenID returns HTTP even when the request is with HTTPS.
_______________________________________________ i18n mailing list -- i18n@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to i18n-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/i18n@xxxxxxxxxxxxxxxxxxxxxxx/message/CXWDZQKOCVTYB6KZMEIJMYXKNC7RWL3K/
