-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 9/16/09 6:31 PM, Hannes Tydén wrote:
> On Sep 17, 1:12 am, Hans Granqvist wrote:
>
>> seems to leave PUT requests with form-encoded name/value pairs in a
>> bad spot, not covered by the core spec (which only deals with POSTs),
>> nor covered by t
On Sep 17, 1:12 am, Hans Granqvist wrote:
> seems to leave PUT requests with form-encoded name/value pairs in a
> bad spot, not covered by the core spec (which only deals with POSTs),
> nor covered by the body hash spec.
I will rephrase my initial question:
Is it true that the base string for "
On Wed, Sep 16, 2009 at 4:12 PM, Hans Granqvist wrote:
>
> BTW, this sentence in
> http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include
>
> "
> # OAuth Consumers MUST NOT include an oauth_body_hash parameter on
> requests with form-encoded request bodies.
>
On Wed, Sep 16, 2009 at 4:06 PM, Hans Granqvist wrote:
> We're going live with some new PUT-based APIs. The body is not name/value
> pairs and thus not application/x-www-form-urlencoded.
>
> Can anybody shed some light on the status of
> http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oaut
BTW, this sentence in
http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include
"
# OAuth Consumers MUST NOT include an oauth_body_hash parameter on
requests with form-encoded request bodies.
"
seems to leave PUT requests with form-encoded name/value pairs in a
We're going live with some new PUT-based APIs. The body is not name/value
pairs and thus not application/x-www-form-urlencoded.
Can anybody shed some light on the status of
http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html
and how it relates to OAuth main spec?
Has anyon
You can implement body hashing on top of the Java library, but the
library doesn't implement it.
On Sep 16, 1:06 pm, Monis wrote:
> Do we have the support for this extension in the oauth java library?
--~--~-~--~~~---~--~~
You received this message because you ar
Yes, that's where you can always find the latest version. In this
case, I merely added some finishing touches to David's work and
published it. So all kudos goes to David.
On Sep 16, 1:48 pm, David King wrote:
> Ahh, so is that the most up-to-date oauth js library? Wonder how
> I grabbed the wro
Ahh, so is that the most up-to-date oauth js library? Wonder how I
grabbed the wrong one...
Nice work btw, very similar approach to tackle the problem too!
Good to hear that your at LinkedIn, tis a great site that I need to
use more often :-S
On Sep 11, 1:03 am, John Kristian wrote:
> Thank yo
John,
Do we have the support for this extension in the oauth java library?
On Sep 16, 12:23 am, John Kristian wrote:
> No, the signature base string doesn't contain parameters from the body
> of a PUT request.
>
> There is an extension to protect request
> bodies.http://oauth.googlecode.com/sv
10 matches
Mail list logo
