I’d like to propose that we standardize how URLs are passed into makeRequest. Can we formalize that all incoming URLs/parameters are completely unescaped/unencoded and the container is responsible for all encoding?
Thanks,
Chad Russell
No. URLs without URL encoding are inherently ambiguous, the container
has no way to know how to properly encode them. Example:
Unencoded: http://www.example.com?foo=bar&baz=quux
That can be encoded several different ways. Maybe the developer meant
to pass parameters like foo=bar followed by baz=quux, or maybe they
meant to say that the parameter named 'foo' has the value
bar&baz=quux. The only way to disambiguate the request is for the
developer to do the encoding themselves.
I assume there is a specific problem that led to this proposal - can
you describe the problem so we can see if there is a better way to
address the issue?
Cheers,
Brian
We've just noticed that some apps are encoding some things, other apps
aren't encoding at all, etc, and it'd be nice to standardize in some way
rather than guess what needs to be done.
Thanks,
Chad
No, we can't do that either. =) OAuth signing requires changing the encoding.
> We've just noticed that some apps are encoding some things, other apps
> aren't encoding at all, etc, and it'd be nice to standardize in some way
> rather than guess what needs to be done.
The algorithm in Shindig for non-OAuth is for the gadget server to not
touch the request encoding, I think.
For OAuth we decode and then reencode, and I think that has to happen.