Signing response for jsConnect
I am writing this after an hour of working on problem like - "Why one people can log in to forum through jsConnect, and other not".
I found the reason and now want to understand something.
There is such text in the documentation about signing the response -
Url encode the sorted user with RFC1738 (a fancy way of saying make it a query string). This gives you your signature string.
And after this the doc has an example encoded url -
signature_string = "email=johndoe%40noreply.com&name=John+Doe&photourl=http%3A%2F%2Fnosite.com%2Fjohndoe.png&uniqueid=1234"; - See more at: http://vanillaforums.com/blog/jsconnect-technical-documentation/#sthash.6fFhJGqd.dpuf
And what we can see here - you encode white-space in the name parameter like "+", although the RFC1738 says about encoding the white-space as "%20". Explaining - we have name "John Doe" you encoded it as "John+Doe", although according to RFC1738 it must be "John%20Doe".
So, it is obviously that the sign will be different in these two cases. So in our project this leads to error "Signature invalid." for users which has white-spaces in their Names on our project and for other it works fine.
I did not try any of your ready modules (for PHP, Ruby, Java, .NET) as we using perl, but maybe these modules have such problems too.
Or there is something wrong in my mind?