Online Accounts: Account plugins

Sina account plugin uses insecure http

Bug #1038871 reported by Alberto Mardegan
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Online Accounts: Account plugins
Confirmed
Low
Unassigned

Bug Description

The sina account plugin uses "http" for its OAuth flow, but "https" is also available. That should be preferred.

http://open.weibo.com/wiki/Oauth2

And here's a couple of links that might be useful for the implementation:

http://code.google.com/p/justin-zhang-projects/source/browse/trunk/Connection/99+Other/Sina+API+test.txt?r=219
https://bitbucket.org/kaiix/weibopy/src

Alberto Mardegan (mardy)
Changed in online-accounts-account-plugins:
assignee: nobody → Alberto Mardegan (mardy)
status: New → In Progress
Revision history for this message
Alberto Mardegan (mardy) wrote :

It seems that something is wrong with Sina's SSL certificates. When QNetworkManager raises these errors:

"The issuer certificate of a locally looked up certificate could not be found", "The root CA certificate is not trusted for this purpose"

Revision history for this message
Alberto Mardegan (mardy) wrote :

Here is what firefox says:

========
www.weibo.com uses an invalid security certificate.

The certificate is only valid for the following names:
  *.pantherssl.com , pantherssl.com

(Error code: ssl_error_bad_cert_domain)
========

Alberto Mardegan (mardy)
Changed in online-accounts-account-plugins:
status: In Progress → Confirmed
assignee: Alberto Mardegan (mardy) → nobody
David King (amigadave)
Changed in online-accounts-account-plugins:
importance: Undecided → Low
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.