Twitter API 'POST status/update' got Error when sending single quote(') character


#1

Hi. I’m a .Net programmar. I am developing twitter api program with old version ASP.NET of 2.0.
When my program call a api of ‘POST status/update’ with a statement includes single quote(’), It returns 401 error.

For example, when I post a statement “Its not single quote”, It is successfully uploaded. But when I post a statement “It’s ‘single quote’”, It returns 401 error.

Please tell me the reason. Source code below.

    string oauth_consumer_key = "XXXXXX";
    string oauth_consumer_secret = "XXXXXX";
    string oauth_token = "85478373-XXXXXX";
    string oauth_token_secret = "XXXXXX";

    // oauth implementation details
    string oauth_version = "1.0";
    string oauth_signature_method = "HMAC-SHA1";

    // unique request details
    string oauth_nonce = Convert.ToBase64String(
        new ASCIIEncoding().GetBytes(DateTime.Now.Ticks.ToString()));
    TimeSpan timeSpan = DateTime.UtcNow
        - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
    string oauth_timestamp = Convert.ToInt64(timeSpan.TotalSeconds).ToString();

    // message api details
    string status = "Its singledd quote single quote http://omn.kr/1hgwr ";
    string resource_url = "https://api.twitter.com/1.1/statuses/update.json";

    // create oauth signature
    string baseFormat = "oauth_consumer_key={0}&oauth_nonce={1}&oauth_signature_method={2}" +
                    "&oauth_timestamp={3}&oauth_token={4}&oauth_version={5}&status={6}";

    string baseString = string.Format(baseFormat,
                                oauth_consumer_key,
                                oauth_nonce,
                                oauth_signature_method,
                                oauth_timestamp,
                                oauth_token,
                                oauth_version,
                                Uri.EscapeDataString(status)
                                );

    baseString = string.Concat("POST&", Uri.EscapeDataString(resource_url), "&", Uri.EscapeDataString(baseString));

    string compositeKey = string.Concat(Uri.EscapeDataString(oauth_consumer_secret),
                            "&", Uri.EscapeDataString(oauth_token_secret));

    string oauth_signature;
    using (HMACSHA1 hasher = new HMACSHA1(ASCIIEncoding.ASCII.GetBytes(compositeKey)))
    {
        oauth_signature = Convert.ToBase64String(
            hasher.ComputeHash(ASCIIEncoding.ASCII.GetBytes(baseString)));
    }

    // create the request header
    string headerFormat = "OAuth oauth_nonce=\"{0}\", oauth_signature_method=\"{1}\", " +
                       "oauth_timestamp=\"{2}\", oauth_consumer_key=\"{3}\", " +
                       "oauth_token=\"{4}\", oauth_signature=\"{5}\", " +
                       "oauth_version=\"{6}\"";

    string authHeader = string.Format(headerFormat,
                            Uri.EscapeDataString(oauth_nonce),
                            Uri.EscapeDataString(oauth_signature_method),
                            Uri.EscapeDataString(oauth_timestamp),
                            Uri.EscapeDataString(oauth_consumer_key),
                            Uri.EscapeDataString(oauth_token),
                            Uri.EscapeDataString(oauth_signature),
                            Uri.EscapeDataString(oauth_version)
                    );
    
    // make the request
    string postBody = "status=" + Uri.EscapeDataString(status);

    ServicePointManager.Expect100Continue = true;

    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(resource_url);
    request.Headers.Add("Authorization", authHeader);
    request.Method = "POST";
    request.ContentType = "application/x-www-form-urlencoded;charset=UTF-8";
    using (Stream stream = request.GetRequestStream())
    {
        byte[] content = ASCIIEncoding.ASCII.GetBytes(postBody);
        stream.Write(content, 0, content.Length);
    }

    WebResponse response = null;
    response = request.GetResponse();
    response.Close();

#2

I think that particular library may be having an issue properly encoding ' a single quote.

I don’t know ASP .NET but it might be a problem using encoding in the body text: it should be like this https://developer.twitter.com/en/docs/basics/authentication/guides/percent-encoding-parameters.html


#3

By default, the EscapeDataString method converts all characters except for RFC 2396 unreserved characters to their hexadecimal representation.

https://www.ietf.org/rfc/rfc2396.txt

2.3. Unreserved Characters

Data characters that are allowed in a URI but do not have a reserved
purpose are called unreserved. These include upper and lower case
letters, decimal digits, and a limited set of punctuation marks and
symbols.

  unreserved  = alphanum | mark

  mark        = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")"

Unreserved characters can be escaped without changing the semantics
of the URI, but this should not be done unless the URI is being used
in a context that does not allow the unescaped character to appear.

Hope this helps.


closed #4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.