The method is there to prevent request tampering. For example a man in the middle could alter a GET request into a DELETE request and the signatures would still match.
On Mon, May 3, 2010 at 7:19 AM, Carlos <[email protected]> wrote: > Hi experts, what is the purpose of having the GET/POST plus the > ampersand in theb eginnning of the base string for signing the > requests? > > Regards, Carlos > > -- > You received this message because you are subscribed to the Google Groups > "OAuth" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected] <oauth%[email protected]>. > For more options, visit this group at > http://groups.google.com/group/oauth?hl=en. > > -- You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
