You see this is where the complexity comes in :-) Before which of the concatenations should the encoding be done? There is the concatenation of the parameters with & in step 1 as well as the concatenation of the 3 parts of the SBS.
So before we had it encoded as part of both step 1 and step 3. My current reading is that it should be done only as part of step 3. As the "&"'s from the parameters are escaped in the SBS. P On Thu, Jan 22, 2009 at 2:57 PM, Marc Worrell <[email protected]> wrote: > > In fact it is all very simple :-) (famous last words) > > In general: encode before you concatenate with '&'. > > On 22 jan 2009, at 20:12, Pelle Braendgaard wrote: >> 1. Normalize the request parameters, which means only ordering the >> parameters and then separating them with "&"'s ( 9.1.1) > > The request parameters are encoded before the concatenation. > (Otherwise you could not have a '&' in any parameter.) > >> 2. Normalizing the URL (9.1.2) >> 3. Concatenation of the encoded versions of (the http request method, >> the normalized url (see step 2) and the normalized request parameters >> (see step 1.) (9.1.3) >> >> The Ruby implementation encodes each parameter in step 1 and then >> re-encodes them in step 3. > > That is correct behaviour. The result in step 3 is a concatenation of > 3 parts, all parts are encoded before concatenating. > >> I have corrected this in git so far. But >> would like to just check that my analysis is correct, so we can close >> this chapter once and for all. > > Hope this is now closed :-) > > - Marc > > > > -- http://agree2.com - Reach Agreement! http://extraeagle.com - Solutions for the electronic Extra Legal world http://stakeventures.com - Bootstrapping blog --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
