From 42e2c1137f222467cbf8612a43f0c7b97e19934d Mon Sep 17 00:00:00 2001
From: Martin May <martin@martinmay.net>
Date: Mon, 3 Oct 2011 13:07:50 -0600
Subject: [PATCH] Properly escape Twitter username and password for signature
 base string.

---
 TwitterXAuth.m | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/TwitterXAuth.m b/TwitterXAuth.m
index 1244db1..b1d0779 100644
--- a/TwitterXAuth.m
+++ b/TwitterXAuth.m
@@ -120,8 +120,8 @@ - (NSString *) baseString
 			      nil];
   if (state == TwitterXAuthStateAuthorize)
     params = [params arrayByAddingObjectsFromArray:[NSArray arrayWithObjects:[NSString stringWithFormat:@"%@%%3D%@", @"x_auth_mode", x_auth_mode],
-							    [NSString stringWithFormat:@"%@%%3D%@", @"x_auth_password", x_auth_password],
-							    [NSString stringWithFormat:@"%@%%3D%@", @"x_auth_username", x_auth_username],
+							    [NSString stringWithFormat:@"%@%%3D%@", @"x_auth_password", [x_auth_password urlEncode]],
+							    [NSString stringWithFormat:@"%@%%3D%@", @"x_auth_username", [x_auth_username urlEncode]],
 							    nil]];
   if (state == TwitterXAuthStateTweet)
     params = [params arrayByAddingObjectsFromArray:[NSArray arrayWithObjects:[NSString stringWithFormat:@"%@%%3D%@", @"oauth_token", [self.token urlEncode]],