
12 Nov
2009
12 Nov
'09
2:05 a.m.
Hi, All, I'm building a oauth library with drakma, oauth specification need every request is signed with its token and token secret in additional-headers, but it also need a unique timestamp and nonce(a random string). It is OK when there is not redirect, but http-request will use the same additional-headers in the redirect request, so oauth server throw an error: "Invalid nonce/timestamp: This nonce has been used ..." I think there are two solutions, one is there is a option that http-request do not automatically follow redirect, the other is http-reqeust evaluate the additional-headers again when redirecting. Is it acceptable, thank you in advance. Plato Wu 片云天共远永夜月同孤