On Tue, Mar 10, 2009 at 12:08 PM, Marc Worrell <[email protected]> wrote: > > On 10 mrt 2009, at 12:54, Ben Laurie wrote: > > On Tue, Mar 10, 2009 at 11:46 AM, Marc Worrell <[email protected]> wrote: > > The library is character set agnostic, it just handles the names/ > > values as octet streams and therefore doesn't need any UTF-8 encoding/ > > decoding steps. > > Except that the OAuth spec requires UTF-8 encoding, so that is a bug. > > Not really. > > The OAuth spec (editor's cut) says in 3.6 Percent Encoding: > > 1. Text values are first encoded as UTF-8 octets per [RFC3629] if they are > not already. This does not include binary values which are not intended for > human consumption. > > > So, which fields are for human consumption and which not? I wouldn't let my > library make this guess, so better not encode/decode at all and just pass > what was given to it by the application.
There's no reason your library should guess - it can be told, surely? > > - Marc > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
