How To: Test the upcoming Content-Type HTTP header change in advance

[Taylor Singletary]

Hey Everyone!

We wanted to let you all know that you can now opt-in to testing the Twitter API setting the appropriate Content-Type header to application/x-www-form-urlencoded on the OAuth-related token exchange steps (request_token, access_token). 

Some background: To date we've been returning the incorrect Content-Type in our responses to these requests: we've been sending back text/html. To be in agreement with the actual content we respond to you with, we want to permanently change our Content-Type HTTP header to respond with application/x-www-form-urlencoded starting on April 20th, 2010.

To test this in advance of April 20th, simply include an additional HTTP header to your request_token and access_token requests: "X-Twitter-Content-Type-Accept" and set it to "application/x-www-form-urlencoded" -- when you send this HTTP header, we'll correctly respond with a Content-Type header set to "application/x-www-form-urlencoded"

If you're using the OAuth gem for Ruby, this can be easily included in your @consumer.get_request_token and @consumer.get_access_token method calls like so:

headers = { "X-Twitter-Content-Type-Accept" => "application/x-www-form-urlencoded"} 

@request_token = @consumer.get_request_token({:oauth_callback => callback_url}, nil, headers) 

@consumer.get_access_token(request_token, { :oauth_verifier => oauth_verifier}, headers)

Implementation in whatever library you're using should be trivial. Most OAuth libraries should already properly handle the Content-Type response of application/x-www-form-urlencoded since it's the "to-spec" representation of responses.

Please let us know if you have any questions or concerns.

Thanks!

Taylor Singletary
Developer Advocate, Twitter
http://twitter.com/episod

On Fri, Mar 12, 2010 at 5:21 PM, Taylor Singletary <taylorsi...@twitter.com> wrote:

We'll be correcting this on Monday instead of today, folks.

Have a great weekend.

Taylor

On Friday, March 12, 2010, Taylor Singletary

<taylorsi...@twitter.com> wrote:
> Hello Developers,
>
> Though it certainly would be more correct for us to properly set the
> Content-Type HTTP header throughout the OAuth token acquisition
> process to "application/x-www-form-urlencoded," it has caused some
> issues with a number of applications. This afternoon we will restore
> the original behavior of setting the Content-Type header to "text/
> html".
>
> Being in compliance with the OAuth specification is important to us.
> Consider our old behavior now on deprecation notice. In four weeks or
> so we'll begin setting the Content-Type header correctly again. We'll
> announce a more formal deprecation date within a week of deployment.
>
> We invite you to do the right thing with us.
>
> Thanks!
>
> Taylor
> http://twitter.com/episod
>

--

Taylor Singletary
Developer Advocate, Twitter
http://twitter.com/episod