Yes. You are right. Maybe you can read following OAuth draft which tries to specify how to sign http request bodies that are not application/x-www-form-urlencoded. http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/1/spec.html.
Also the discussion in following web page is quite helpful: http://groups.google.com/group/oauth/browse_thread/thread/acd036474649402a/8a07b353faca5cea?pli=1 Gerald On Sun, Mar 1, 2009 at 10:21 PM, Martin Atkins <m...@degeneration.co.uk>wrote: > > > One I encountered recently: > > The OAuth spec doesn't define how to generate the signature for HTTP > requests with bodies that are not application/x-www-form-urlencoded. > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---