Hi Krish, Thanks for following up! With the current OAuthAuthorizeToken service, I can't think of a good way to prevent users from seeing the error if they use their browser back buttons. Most browsers compensate for a HTTP redirect or HTML meta refresh by not including the page with the redirect/refresh in the browser history, so my previous suggestion probably wasn't good. If you get new request tokens for users on your callback page, they will still be sending the old ones to the service if they hit their browser back buttons (the token is in the URL).
I'll do some research to see why the OAuthAuthorizeToken page doesn't send an error to the callback URL instead of displaying it to the user. This seems like it would solve the issue, but there might be an argument I'm overlooking for not doing this. Thanks again! Paul -- You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en.
