This is a bad example. This deals with encoding for the purpose if the signature base string. Not the same as decoding responses which I doubt is a problem for Twitter as I think their token values are URL safe.
EHL On 5/23/10 3:32 PM, "Dick Hardt" <[email protected]> wrote: Frustration devs have with URL encoding. This is the core motivation to using JSON as the AS response format. -- Dick Begin forwarded message: From: Andrew Badera <[email protected]> Date: May 23, 2010 2:57:44 PM PDT To: [email protected] Cc: [email protected] Subject: [oauth] Re: [twitter-dev] Hard lesson learned Reply-To: [email protected] Miguel, This 'lesson' has been 'learned' and re-learned many times over, here on the Twitter dev list and on the oauth list. One would hope that at some point this issue would rise to enough prominence to get people in charge of implementation, and sig participants in general, to do something about it. The common developer these days is not a super savvy geek, and even the super savvy geeks among us waste time on this issue, again and again. ? Andy Badera ? +1 518-641-1280 Google Voice ? This email is: [ ] bloggable [x] ask first [ ] private ? Google me: http://www.google.com/search?q=andrew%20badera On Sun, May 23, 2010 at 5:52 PM, Miguel de Icaza <[email protected]> wrote: Hello guys, Perhaps the most frustrating piece in dealing with the OAuth configuration is that the twitter OAuth page talks casually about "urlEncode". You need to "urlEncode this" and "urlEncode that". What the page does not say is that "urlEncode" is not a standard urlEncoding system that web developers are used to. The urlEncode required by OAuth signatures is actually "percent encode" and it is *required* that you use percent encoding for anything but a small subset of characters. The only characters that do not require percent encoding are: unreserved = a through z, A through Z, 0 through 9 and '-', '.', '_', '~' Miguel
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
