Hi,
I've been spending some time getting my head around Open Socials signed request mechanism, and I'm getting there, but one thing puzzles me. Does the signature sign to your app specifically, or just to all of Orkut's domain. If the latter what is preventing a malicious user publishing an app that appears legit, but secretly is making signed requests to other servers? I must be wrong, i hope :) David entertainment cloud. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Orkut Developer Forum" group. To post to this group, send email to opensocial-orkut@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-orkut?hl=en -~----------~----~----~----~------~----~------~--~---
