Hey Everyone!
We wanted to let you all know that you can now opt-in to testing the Twitter API setting the appropriate Content-Type header to application/x-www-form-urlencoded on the OAuth-related token exchange steps (request_token, access_token).
Some background: To date we've been returning the incorrect Content-Type in our responses to these requests: we've been sending back text/html. To be in agreement with the actual content we respond to you with, we want to permanently change our Content-Type HTTP header to respond with application/x-www-form-urlencoded starting on April 20th, 2010.
To test this in advance of April 20th, simply include an additional HTTP header to your request_token and access_token requests: "X-Twitter-Content-Type-Accept" and set it to "application/x-www-form-urlencoded" -- when you send this HTTP header, we'll correctly respond with a Content-Type header set to "application/x-www-form-urlencoded"
If you're using the OAuth gem for Ruby, this can be easily included in your @consumer.get_request_token and @consumer.get_access_token method calls like so:
headers = { "X-Twitter-Content-Type-Accept" => "application/x-www-form-urlencoded"}
@request_token = @consumer.get_request_token({:oauth_callback => callback_url}, nil, headers)
@consumer.get_access_token(request_token, { :oauth_verifier => oauth_verifier}, headers)
Implementation in whatever library you're using should be trivial. Most OAuth libraries should already properly handle the Content-Type response of application/x-www-form-urlencoded since it's the "to-spec" representation of responses.
Please let us know if you have any questions or concerns.
Thanks!
Taylor Singletary
Developer Advocate, Twitter
http://twitter.com/episod
On Fri, Mar 12, 2010 at 5:21 PM, Taylor Singletary
<taylorsi...@twitter.com> wrote:
We'll be correcting this on Monday instead of today, folks.
Have a great weekend.
Taylor
On Friday, March 12, 2010, Taylor Singletary
<
taylorsi...@twitter.com> wrote:
> Hello Developers,
>
> Though it certainly would be more correct for us to properly set the
> Content-Type HTTP header throughout the OAuth token acquisition
> process to "application/x-www-form-urlencoded," it has caused some
> issues with a number of applications. This afternoon we will restore
> the original behavior of setting the Content-Type header to "text/
> html".
>
> Being in compliance with the OAuth specification is important to us.
> Consider our old behavior now on deprecation notice. In four weeks or
> so we'll begin setting the Content-Type header correctly again. We'll
> announce a more formal deprecation date within a week of deployment.
>
> We invite you to do the right thing with us.
>
> Thanks!
>
> Taylor
>
http://twitter.com/episod
>
--