views:

31

answers:

1

Hello All,

I'm trying to get the "not confirmed" warning to go away when using Yahoo! as an OpenID provider for my Rails 2.3.5 application. The Yahoo! OpenID FAQ[1] recommends "that your site links to its XRDS document using the X-XRDS-Location HTTP header". Does this mean every single response from my Rails app should include this header? How would one go about doing this?

Has anyone had success getting the Yahoo! "not confirmed" warning to go away in a Rails application?

-- Thanks! Bryan

[1]: http://developer.yahoo.com/openid/faq.html Yahoo! OpenID FAQ

A: 

No, only the response from the controller method which responds to '/' has to include the header. You can set this header with:

response.headers['X-XRDS-Location'] = "http://#{request.host}/xrds"
dhofstet
Thanks for the response dhofstet. My root route points to my welcome#home action, and I've added your suggested code above to the action before I render the view. I also have a welcome#xrds action that serves up the XRDS xml file via "send_data IO.open ...". I'm using an action for this so I can set the Content-Type for the XRDS file... does it make sense to do things this way?
Bryan
Nevermind, seems as though it just doesn't work well when testing on localhost... testing it on a staging server reachable from the Interweb works fine. Sweet!
Bryan
Yes, this makes sense. Personally, I use a normal erb view for the xrds content instead of "send_data".
dhofstet
Actually, after further inspection, it looks like the Content-Type is not getting set correctly when I try to set it using response.headers['Content-Type'] or response.content_type=(). Does the MIME Type override any Content-Type I set in the controller?
Bryan