getInfo API - does not wok for IE7

The referer is sent along with the request.
Please refer the below

The request and response using a sniffer:
for IE
-------------------------------------------------
GET /auth/getToken?devId=xd1AkipAZwA99QDY&f=json&c=parseTokenInfo&noCacheIE=1198646709005 HTTP/1.1
Accept: */*
Referer: http://125.22.243.123/AOL_Pictures/main?statusCode=200&statusText=OK&requestId=&token_a=%2FwEAAAAAjqX9FtLuXq4RoVll7kFQxB8CDz%2BMfdbe23bVCUX8FwVjvZH7CutXXBtJKNBKFou%2FNEumSJ%2FFelsiqA30TFsxkPZgY%2BS48Wh1bzsIxfJELc4soVdb9miFT%2FLt0qlYMPntEKZNs77v4pwvjvzD&token_expiresIn=86400
Accept-Language: en-securid
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 3.0.04506.30)
Host: api.screenname.aol.com
Connection: Keep-Alive
Cookie: RSP_COOKIE=type=23&name=QW5hbmRtMDA3&stype=100; OATALC=diAxLjAgayAwIEpDNHduME9XczBXR1E3eTZDWmV1WERSZUR1Zz0%3D-mliP4MdXjwhjzIRw2ibEMLlmsCyO8q64krfEUQHnliyc1oXrAhqhAevPbvxLKlxpSDXU5DijIbaxeM0u3wN8nxvHp5hLnGELOER3gECTkqg2NoLv%2FOPDS%2FWgY8D32We0r%2BrHyxr0wydzhvJ55FuNRkLS8FF6A5g7

HTTP/1.1 200 OK
Date: Wed, 26 Dec 2007 05:25:08 GMT
Set-Cookie: JSESSIONID=F6DD739D56B536B5044236259FF6C873; Path=/auth
Set-Cookie: OASC=diAxLjAgayAwIEVTT1FqQmlickZkUUxzSjdQQnc5VDRPWmFYZz0%3D-SSQdmqasJXW7AratTMW0EdQPuVr%2FFydDMY5W%2ByQSkJPL9UPTEw5ifxhb3Zy9qGqXZRPevrkkPWJ5mFaoEp2rTFTz39dp7WWKAbJsd95JCkUET9PPqJKEREy46YRjF7bDN5c1SDH%2FakrZOC%2FOsh4lKPLsAMtBD89rK0XpKI9XrjajS0nu%2B%2BL7S0M5X5xzAg93lAg3CVoK2Xk6CAWjK5tW3gHfbqHpCk7v%2BhtvAsmXOrv0O7lbxTY5UugD%2F7CVsWl65H%2Bgsl5n2p1Rnb%2FmDIXnO3DprFVIZnlb%2FG7%2BkY%2Bq%2F51oy5%2Fk4tnL9ogQ51TNy0m4%2B53g0m3FOyBb6FtSIoDwNyECfEM1lDyGBTW2iG3MnZD8v9%2FW%2BWRk1icvGbzAP4Q19hIApH6wz0UH1x9XJa0wR%2B8tfaIJx4QI4vGSrjWsQDD5abfVDQ1Onw%3D%3D; Path=/
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/json;charset=UTF-8
Content-Language: en-SECURID
P3P: CP="PHY ONL PRE STA CURi OUR IND"
Keep-Alive: timeout=15, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked

56
parseTokenInfo({"response":{"statusText":"Internal Server Error","statusCode":500}});

0
------------------------------------------------------

for firefox
GET /auth/getToken?devId=xd1AkipAZwA99QDY&f=json&c=parseTokenInfo&noCacheIE=1198646845065 HTTP/1.1
Host: api.screenname.aol.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://125.22.243.123/AOL_Pictures/main?statusCode=200&statusText=OK&requestId=&token_a=%2FwEAAAAABGBQdBCW5hXgqImCVSdH%2BrFiAXK4di30dmvD2%2Bjgf4%2BOEh0hvoXQXWZ05DQ%2BKuepXUM1YIizDNoQ9QTZOSmytHP9hVqGl417t8fm%2BAJBvtQP0QrInba60wC4S4QzTWcqKjmsL0yOshylZAtE&token_expiresIn=86400
Cookie: RSP_COOKIE=type=23&name=QW5hbmRtMDA3&stype=100; trzip=60004; aolweatherlocation=60004; OATALC=diAxLjAgayAwIE5abTlBeWdtaDFDZmJvK21pbU8vUmtDdWhBWT0%3D-mliP4MdXjwgMdLkOvzaNK8dsibx9isVr%2FpFaFKPJa5487m2gj%2F8E7gnavqi6KUe010bUpTmK2rrgYbyv2pXFAndLfOcrK5KoKPJ9o2kL6G5V5L5hM%2B5P9GXUFyOpWeia3xGP4I%2B%2BTsyULU1HgXM8YT6H8Fw1t2NL

HTTP/1.1 200 OK
Date: Wed, 26 Dec 2007 05:27:24 GMT
Set-Cookie: JSESSIONID=D75395E9BEB1872199D6071895AB1FE9; Path=/auth
Set-Cookie: OASC=" "; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/json;charset=UTF-8
Content-Language: en-US
P3P: CP="PHY ONL PRE STA CURi OUR IND"
Keep-Alive: timeout=15, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked

113
parseTokenInfo({"response":{"statusText":"OK","data":{"token":{"expiresIn":86400,"a":"%2FwEAAAAAw%2FsOUzIJb%2Fe1ZoCJS13Yc5rVrTfnYCpHedTGVulr4Xf4wStW4H2oG4KYs%2FgTrXE4CyDmFj5uBemzBS5wLbUOOrlvXZzJx3j8ONl1DVAcQsIg%2F9UAAPIHi7W3CJLner%2BUo1Lko2luUnyaG8ss"}},"statusCode":200}});

0
---------------------------------------------------------

As we can observe referer is sent and is the same for both IE and firefox.
But the correct response is obtained only for firefox. For IE we get the Internal server error.

The application is hosted in http://125.22.243.123/AOL_Pictures
The devId can be found in the Querystring when this URL is launched in the browser.

The SRC attribute gets generated correctly.
I call the getInfo API to get the userID since the application Iam trying to develop does not have the user information (because user signs in to the AOL redirected page).
I get the userID and access the AOL Pictures API for getting the the private and public pictures.

This could be due to missing referer problem. If you can send us your devId I can confirm that. When you make the getInfo call, OpenAuth tries to verify that the getInfo request is made from the same location for which the token is issued to.

For example, if your succUrl to "login" (if using redirect login method) is "http://your.domain.com/login", then the "getInfo" can be made only from the same url (passed as "referer" header by the browser). If there is no way to guarantee the referer header, then possibly the best option is to use the redirect mechanism for "getInfo" also by passing succUrl param.

Hi,

We're mostly out on holiday this week, but a couple of thoughts that we'll try to follow up on quickly:

1. Note that there's generally no need to do a getInfo from JS, it's main use is as a server verification for the redirect. That's not to say it's wrong to use it or that it shouldn't work, just that it may not be necessary.

2. Your code looks fine. However, just to be safe I assume that you verified that the SRC attribute for the script tag got generated correctly?

2. I don't know of any problems with IE7, and in fact it shouldn't matter, but we'll look into it ASAP.

Bruce