On Tue, Jun 17, 2008 at 10:15 AM, Chris Chabot <[EMAIL PROTECTED]> wrote:
> I do indeed, however it's a bit messier then that still. > > It looks (when checking out the iframe urls and social rest requests in > firebug) that the token is urlencode(base64_encoded()) fine on the gadget > url .. however the gadget it self has the urldecoded (but base64_ENcoded()) > in memory .. on making a social data request it uses the un-encoded (but > base64 encoded) security token ... which at least in my tests on firefox 3 > and safari 3 automagically get encoded again.. > > I guess kevin's suggestion for replacing + and ='s might be a way to go i > guess > > How come this does automatically works for the java side (and i mean with > real tokens and not plain text john.doe:jane.doe style ones, cause thats > cheating! :) We use a generic encoder that can take any arbitrary set of digits: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/util/StringEncoding.java?revision=655698&view=markup > > > -- Chris > > > On Jun 17, 2008, at 7:08 PM, Ropu wrote: > > i think chris solution included the urlencode(), but not stated >> implicitly... since all params are urlencoded when added to the iframe. >> (you >> can see the urldecode() in shindig) >> > >
