Re: [OAUTH-WG] Format of user-agent response parameters

Torsten Lodderstedt Sun, 16 Jan 2011 11:01:44 -0800

+1 pro JSON

Am 16.01.2011 08:41, schrieb Eran Hammer-Lahav:

Why is the token returned in the fragment using form-encoding? Thismakes no sense. It should be a JSON string for the following reasons:
1.All token responses should be the same, which will enable returningstructured responses in the future as needed.
2.Using fragments is specifically done to accommodate the user-agentenvironment, which means JavaScript. Why create extra work whenJSON.parse() does it for you for free.
Returning the authorization code alone using form-encoded in the querystill makes sense.
EHL


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] Format of user-agent response parameters

Reply via email to