Upcoming change to signed makeRequest on the orkut sandbox

Tuesday, March 18, 2008 at 1:50 PM


Issue 103 describes a problem in orkut's makeRequest implementation that keeps POST data parameters from being included when generating the signature for signed requests. We have a fix for this that will be pushed to sandbox.orkut.com soon.

If you're verifying signed POST requests on your server, make sure that you include the POST body parameters when building your Signature Base String. The code at http://code.google.com/p/opensocial-resources/wiki/OrkutValidatingSignedRequests has been updated to do this (but will not actually work until the sandbox is updated).

Please see issue 103 for more details.