You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In case of 30X redirect on a GET, httplib2 calls back on oauth2 client.request with new location, and body filled with oauth tokens. oauth2 client.request then generates new oauth tokens and appends the body causing a duplicate oauth tokens in the request.
This call back to oauth2.Client.request will sign a url that already contains oauth signature parts, and append them to the url causing duplicate oauth signature. This causes troubles to some backends, in my case it was odesk backend.
As per RFC2616[1], Location header on a redirect contains an absolute uri not a base uri.
As per RFC3986[2], absolute uri can contain query string parameters
Hello,
In case of 30X redirect on a GET, httplib2 calls back on oauth2 client.request with new location, and body filled with oauth tokens. oauth2 client.request then generates new oauth tokens and appends the body causing a duplicate oauth tokens in the request.
In httplibe2/init.py:1385
This call back to oauth2.Client.request will sign a url that already contains oauth signature parts, and append them to the url causing duplicate oauth signature. This causes troubles to some backends, in my case it was odesk backend.
As per RFC2616[1], Location header on a redirect contains an absolute uri not a base uri.
As per RFC3986[2], absolute uri can contain query string parameters
[1]
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30
[2]
http://tools.ietf.org/html/rfc3986#page-27
The text was updated successfully, but these errors were encountered: