On Thu, Feb 5, 2009 at 2:42 PM, Jordan Zimmerman <jord...@shop.com> wrote: >>Most people do use query strings, and it does work. > So, it doesn't create a security hole? I don't understand the encoding > process enough to determine this.
The Shindig code promises that: oauth/xoauth/opensocial parameters are controlled by the container, not the gadget. The other parameters on the request came from the gadget. > Unless I'm missing something, they'd all have to alter the sample code > on the net. Or, maybe the sample code is wrong? It might be, but I doubt it.
