> And I'm not trying to be a nit-picky HTTP purist here. I'm talking about > real-world problems from browsers, plugins, and/or proxies that believe GETs > are actually side-effect free, that are causing logins to fail.
Yep, unfortunately the user experience in POST requests is suboptimal, so nobody is excited to move this direction. If the lack of effect-freeness is being manifested mostly in nonce verification failures, then we could have a discussion around that that might lead us somewhere. _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
