search

surjit / oauth

Automatically exported from code.google.com/p/oauth
0 stars 0 forks source link

[patch] JavaScript: decodeForm fails with empty form #40

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. OAuth.decodeForm('')

What is the expected output? What do you see instead?
Expected: []
Actual result: ['', null]

What version of the product are you using? On what operating system?
r675

Please provide any additional information below.

OAuth.decodeForm is used to derive the base string. If the message action is 
'http://example.com/rest/?', decodeForm is called with an empty string. Instead 
of returning an 
empty list of form paramaters, it returns an empty parameter. This then creates 
the wrong base 
string, so the OAuth signature cannot be verified.

Solution:

In the decodeForm method, instead of:

            list.push([name, value]);

Use:

            if (name) {
              list.push([name, value]);
            }

Original issue reported on code.google.com by mark@novemberborn.net on 20 Sep 2008 at 9:37

GoogleCodeExporter commented 9 years ago 
fixed in -r686

Original comment by jmkrist...@gmail.com on 22 Oct 2008 at 5:43