Could you clarify a little more the environment in which this
confusion arose? What do you mean when you say "The protected
resource typically accepts 'callback' as a parameter to support
JSONP."? What sort of software are you including in this?
--Richard
On Apr 15, 2010, at 5:41 PM, Luke Shepard wrote:
We already had one developer try it out and get confused because the
server tried to treat the callback URL as a JSONP callback.
The protected resource typically accepts “callback” as a parameter
to support JSONP. If a developer accidentally passes in callback
there (maybe they got confused) then the server can’t give a normal
error message – instead it needs to either detect that it looks like
a URL or otherwise reject it.
On a related note, I think it’s more confusing calling it something
different in the user-agent flow (redirector) when it’s essentially
doing the same thing.
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On
Behalf Of Eran Hammer-Lahav
Sent: Thursday, April 15, 2010 5:37 AM
To: Naitik Shah; OAuth WG
Subject: Re: [OAUTH-WG] Rename callback => callback_uri
I don’t think it is that confusing. Its a completely different
context from where JSON-P is used (note that in the User-Agent flow
it is called something else).
EHL
On 4/10/10 12:35 PM, "Naitik Shah" <nai...@facebook.com> wrote:
With the simplified params, the callback url parameter is now just
"callback". Since most major API providers already use "callback" to
signify JSON-P callback, can we rename this to "callback_uri"? This
will help avoid collisions and confusion.
-Naitik
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
