If an ampersand is present in the body parameter of the URL, it is treated as a separator for a parameter.
This is quite bad.
We need to URL encode the body in sdk-js before we do signing. We then need to verify the signature on the server and URL decode it after verification.
If an ampersand is present in the body parameter of the URL, it is treated as a separator for a parameter.
This is quite bad.
We need to URL encode the body in sdk-js before we do signing. We then need to verify the signature on the server and URL decode it after verification.