ruby-on-railsopenidyahoo-oauth

Location Header for Yahoo! OpenID in Rails App


I'm trying to get the "not confirmed" warning to go away when using Yahoo! as an OpenID provider for my Rails 2.3.5 application. The Yahoo! OpenID FAQ[1] recommends "that your site links to its XRDS document using the X-XRDS-Location HTTP header". Does this mean every single response from my Rails app should include this header? How would one go about doing this?

Has anyone had success getting the Yahoo! "not confirmed" warning to go away in a Rails application?

-- Thanks! Bryan

[1]: http://developer.yahoo.com/openid/faq.html Yahoo! OpenID FAQ


Solution

  • No, only the response from the controller method which responds to '/' has to include the header. You can set this header with:

    response.headers['X-XRDS-Location'] = "http://#{request.host}/xrds"