iovzt / oauth-php

Automatically exported from code.google.com/p/oauth-php
MIT License
0 stars 0 forks source link

r102 broke urltranscode (and urlencoded + in call content causes verify failure) #99

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Use oauth-php as the server end-point library
2. Make a call with a space character in one of the parameters (which gets form 
encoded to a "+")
3. see that the verification fails due to the base signature string containing 
the %2B rather than the %20 for space

revision 102 (committed with comment Oauth 1.0a compatibility) changed this 
(which works for this case):

return $this->urlencode(urldecode($s));

to be:

return $this->urlencode(rawurldecode($s));

which doesn't change the + at all as the comment on the method suggests it 
should.

Original issue reported on code.google.com by steves%m...@gtempaccount.com on 4 Mar 2011 at 11:19

GoogleCodeExporter commented 8 years ago
I stumbled into the same issue. Wondered why the change in the code had been 
made. 

Probably removing the transcode function call from the end of the constructor 
would fix this as well? (Did not try, I made the same change as above.)

Original comment by pertti.k...@familiq.com on 7 Mar 2011 at 8:33