Miguel, This 'lesson' has been 'learned' and re-learned many times over, here on the Twitter dev list and on the oauth list. One would hope that at some point this issue would rise to enough prominence to get people in charge of implementation, and sig participants in general, to do something about it. The common developer these days is not a super savvy geek, and even the super savvy geeks among us waste time on this issue, again and again.
∞ Andy Badera ∞ +1 518-641-1280 Google Voice ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me: http://www.google.com/search?q=andrew%20badera On Sun, May 23, 2010 at 5:52 PM, Miguel de Icaza <miguel.de.ic...@gmail.com>wrote: > Hello guys, > > Perhaps the most frustrating piece in dealing with the OAuth > configuration is that the twitter OAuth page talks casually about > "urlEncode". You need to "urlEncode this" and "urlEncode that". What > the page does not say is that "urlEncode" is not a standard > urlEncoding system that web developers are used to. The urlEncode > required by OAuth signatures is actually "percent encode" and it is > *required* that you use percent encoding for anything but a small > subset of characters. > > The only characters that do not require percent encoding are: > > unreserved = a through z, A through Z, 0 through 9 and '-', '.', '_', > '~' > > Miguel >
