Hey Everyone!

We wanted to let you all know that you can now opt-in to testing the Twitter
API setting the appropriate Content-Type header
to application/x-www-form-urlencoded on the OAuth-related token exchange
steps (request_token, access_token).

Some background: To date we've been returning the incorrect Content-Type in
our responses to these requests: we've been sending back text/html. To be in
agreement with the actual content we respond to you with, we want to
permanently change our Content-Type HTTP header to respond with
application/x-www-form-urlencoded starting on April 20th, 2010.

To test this in advance of April 20th, simply include an additional HTTP
header to your request_token and access_token requests:
"X-Twitter-Content-Type-Accept" and set it to
"application/x-www-form-urlencoded" -- when you send this HTTP header, we'll
correctly respond with a Content-Type header set to
"application/x-www-form-urlencoded"

If you're using the OAuth gem for Ruby, this can be easily included in your
@consumer.get_request_token and @consumer.get_access_token method calls like
so:

headers = { "X-Twitter-Content-Type-Accept" =>
"application/x-www-form-urlencoded"}

@request_token = @consumer.get_request_token({:oauth_callback =>
callback_url}, nil, headers)

@consumer.get_access_token(request_token, { :oauth_verifier =>
oauth_verifier}, headers)


Implementation in whatever library you're using should be trivial. Most
OAuth libraries should already properly handle the Content-Type response of
application/x-www-form-urlencoded since it's the "to-spec" representation of
responses.

Please let us know if you have any questions or concerns.

Thanks!

Taylor Singletary
Developer Advocate, Twitter
http://twitter.com/episod


On Fri, Mar 12, 2010 at 5:21 PM, Taylor Singletary <
taylorsinglet...@twitter.com> wrote:

> We'll be correcting this on Monday instead of today, folks.
>
> Have a great weekend.
>
> Taylor
>
> On Friday, March 12, 2010, Taylor Singletary
> <taylorsinglet...@twitter.com> wrote:
> > Hello Developers,
> >
> > Though it certainly would be more correct for us to properly set the
> > Content-Type HTTP header throughout the OAuth token acquisition
> > process to "application/x-www-form-urlencoded," it has caused some
> > issues with a number of applications. This afternoon we will restore
> > the original behavior of setting the Content-Type header to "text/
> > html".
> >
> > Being in compliance with the OAuth specification is important to us.
> > Consider our old behavior now on deprecation notice. In four weeks or
> > so we'll begin setting the Content-Type header correctly again. We'll
> > announce a more formal deprecation date within a week of deployment.
> >
> > We invite you to do the right thing with us.
> >
> > Thanks!
> >
> > Taylor
> > http://twitter.com/episod
> >
>
> --
> Taylor Singletary
> Developer Advocate, Twitter
> http://twitter.com/episod
>

To unsubscribe from this group, send email to 
twitter-development-talk+unsubscribegooglegroups.com or reply to this email 
with the words "REMOVE ME" as the subject.

Reply via email to