Good idea, Martin. I wonder how you'd feel about standardizing on periods rather than underscores? I know you mentioned PHP turns them into underscores, but that makes it meaningless to PHP which one we standardize on, and the rest of the language world tends to use periods for namespacing rather than underscores.<div>
<br></div><div>OAuth uses underscores, and I think it's newer, perhaps this was their reasoning. <br clear="all">--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - Voltaire<br>
<br><br><div class="gmail_quote">On Wed, Mar 11, 2009 at 6:29 PM, Martin Atkins <span dir="ltr"><<a href="mailto:mart@degeneration.co.uk">mart@degeneration.co.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">Allen Tom wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I'm a little rusty on query parameter syntax, but isn't<br>
<br>
key=value1&key=value2&key=value3<br>
<br>
equivalent to<br>
<br>
key=value1,value2,value3<br>
<br>
Should the spec address this case?<br>
<br>
</blockquote>
<br></div>
I'm pretty sure that this is not standard, but may be the behavior of a particular implementation.<br>
<br>
The meta-problem here is that the query string was never really intended for being a transport for standard protocols, but was rather intended to be an application-local concern. This is not the first time we've run into grief where we've assumed particular behavior in parsing the query string that is not compatible with the behavior of one or more frameworks.<br>
<br>
For example, PHP turns periods in key names into underscores, so openid.mode is accessed as openid_mode. Fortunately the only ill effect this has is that in most PHP OpenID implementations you can send openid_mode in the query string and it'll work. :)<br>
<br>
You also can't access multiple values of the same key in PHP unless the key name has [] at the end.<br>
<br>
It might be of more general use for someone to research the various nutty behaviors of different frameworks and try to document a safe subset that protocols like OpenID and OAuth can use. Hopefully that will also encourage future frameworks to be compatible with what's documented. Here are three constraints to be starting with:<br>
<br>
* Only latin letters, roman digits and underscores in keys.<br>
* Only one instance of each key.<br>
* Don't use commas unless you're making a list.<div><div></div><div class="h5"><br>
<br>
<br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
</div></div></blockquote></div><br></div>