Merge branch 'master' into testing

lib/router.php

@@ -263,7 +263,7 @@ class Router
             $m->connect('tag', array('action' => 'publictagcloud'));
             $m->connect('tag/:tag/rss',
                         array('action' => 'tagrss'),
-                        array('tag' => '[a-zA-Z0-9]+'));
+                        array('tag' => '[\pL\pN_\-\.]{1,64}'));
             $m->connect('tag/:tag',
                         array('action' => 'tag'),
                         array('tag' => '[\pL\pN_\-\.]{1,64}'));
@@ -749,12 +749,12 @@ class Router
                 $m->connect('tag/:tag/rss',
                             array('action' => 'userrss',
                                   'nickname' => $nickname),
-                            array('tag' => '[a-zA-Z0-9]+'));
+                            array('tag' => '[\pL\pN_\-\.]{1,64}'));
 
                 $m->connect('tag/:tag',
                             array('action' => 'showstream',
                                   'nickname' => $nickname),
-                            array('tag' => '[a-zA-Z0-9]+'));
+                            array('tag' => '[\pL\pN_\-\.]{1,64}'));
 
                 $m->connect('rsd.xml',
                             array('action' => 'rsd',
@@ -815,12 +815,12 @@ class Router
                 $m->connect(':nickname/tag/:tag/rss',
                             array('action' => 'userrss'),
                             array('nickname' => '[a-zA-Z0-9]{1,64}'),
-                            array('tag' => '[a-zA-Z0-9]+'));
+                            array('tag' => '[\pL\pN_\-\.]{1,64}'));
 
                 $m->connect(':nickname/tag/:tag',
                             array('action' => 'showstream'),
                             array('nickname' => '[a-zA-Z0-9]{1,64}'),
-                            array('tag' => '[a-zA-Z0-9]+'));
+                            array('tag' => '[\pL\pN_\-\.]{1,64}'));
 
                 $m->connect(':nickname/rsd.xml',
                             array('action' => 'rsd'),

plugins/OpenID/openidserver.php

@@ -69,9 +69,13 @@ class OpenidserverAction extends Action
                     //cannot prompt the user to login in immediate mode, so answer false
                     $response = $this->generateDenyResponse($request);
                 }else{
-                    /* Go log in, and then come back. */
+                    // Go log in, and then come back.
+                    //
+                    // Note: 303 redirect rather than 307 to avoid
+                    // prompting user for form resubmission if we
+                    // were POSTed here.
                     common_set_returnto($_SERVER['REQUEST_URI']);
-                    common_redirect(common_local_url('login'));
+                    common_redirect(common_local_url('login'), 303);
                     return;
                 }
             }else if(common_profile_url($user->nickname) == $request->identity || $request->idSelect()){
@@ -90,8 +94,13 @@ class OpenidserverAction extends Action
                         $this->oserver->encodeResponse($denyResponse); //sign the response
                         $_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl();
                         $_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl();
-                        //ask the user to trust this trust root
+
-                        common_redirect(common_local_url('openidtrust'));
+                        // Ask the user to trust this trust root...
+                        //
+                        // Note: 303 redirect rather than 307 to avoid
+                        // prompting user for form resubmission if we
+                        // were POSTed here.
+                        common_redirect(common_local_url('openidtrust'), 303);
                         return;
                     }
                 }else{