I'm doing makeRequests with post params containing square brackets and
parens (because I'm working in Rails). Like so:
os_params[gadgets.io.RequestParameters.AUTHORIZATION] =
gadgets.io.AuthorizationType.SIGNED;
os_params[gadgets.io.RequestParameters.CONTENT_TYPE] =
gadgets.io.ContentType.HTML;
os_params[gadgets.io.RequestParameters.METHOD] =
gadgets.io.MethodType.POST;
os_params[gadgets.io.RequestParameters.POST_DATA] =
"a=b&user(name)=foo&user[zip]=bar";
gadgets.io.makeRequest(url, serverResponse, os_params);
The signature verifies on my server only if I throw out all CGI params
with square brackets [] and parens ().
It appears to me that orkut's signing algo is simply dropping these
params from the signature base string.
It doesn't help to encode the brackets or parens, like this:
os_params[gadgets.io.RequestParameters.POST_DATA] = "a=b&user
%28name%29=foo&user%5Bzip%5D=bar";
It also doesn't help to double encode, like this:
os_params[gadgets.io.RequestParameters.POST_DATA] = "a=b&user
%2528name%2529=foo&user%255Bzip%255D=bar";
I don't really want to encrypt this stuff to hide it from the proxy.
Thoughts, anyone?
If this is the wrong place to make a bug report, I'd be glad to hear
that too.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Orkut Developer Forum" group.
To post to this group, send email to opensocial-orkut@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/opensocial-orkut?hl=en
-~----------~----~----~----~------~----~------~--~---
