Hi, All,

I'm building a oauth library with drakma, oauth specification need
every request is signed with its token and token secret in
additional-headers, but it also need a unique timestamp and nonce(a random
string).

It is OK when there is not redirect, but http-request will use the same
additional-headers in the redirect request, so oauth server throw an error:
"Invalid nonce/timestamp: This nonce has been used ..."

I think there are two solutions, one is there is a option that
http-request do not automatically follow redirect, the other is
http-reqeust evaluate the additional-headers again when redirecting.

Is it acceptable, thank you in advance.


Plato Wu
片云天共远永夜月同孤