> -----Original Message----- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf > Of Richard Barnes > Sent: Monday, April 19, 2010 2:29 PM > To: Mike Moore > Cc: OAuth WG > Subject: Re: [OAUTH-WG] application/x-www-form-urlencoded vs JSON > > On the other hand, if you've already got a JSON or XML library on hand (as > many apps these days do), then JSON/XML is a lot easier to handle than > form-encoded. Plus, if you're not re-using form-encoding, then there's no > risk of being confused with actual "forms" / request parameters. Not trying > to argue one side or the other, just noting that there are trade-offs. > > To refine Eran's point a little, how about this proposal?
My point is that it doesn't have to cause client problems. I am not advocating (or objecting) to this approach. > 1. Define N encodings of the OAuth parameters 2. Require servers to support > *all* encodings 3. Require clients to support *one* encoding (and to send > only one at a time!) 4. Require servers to respond in the encoding they > receive > > Seems like that would minimize the burden on clients, without placing a huge > burden on servers. This looks like a good way to do it, but it does add complexity. EHL _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
