It says "customize the Ruby code with your Access Key ID", however the code actually takes that as a command-line argument.

The authors use the term headers instead of header fields when refering to HTTP envelopes. I think they should stick to the RFC2616 terminology which is: a header is a block of header fields.

"This response has 11 headers"
SHOULD BE "...10 headers"

It says "This response has 11 headers", but I actually count 10 of them.

It says the method information is "doGoogleSearch" and that that's also found in the SOAPAction HTTP header. However, that header says "urn:GoogleSearchAction".

In example 1-15, the authors seem to be making an argument that Flickr's API can also be viewed in RESTful fashion despite resembling an RPC service. I believe they intended the URI in the example to read "GET /photos/tags/penguin HTTP/1.1" rather than the one shown (with the method and key/value pairs embedded).

I receive an authentication failure:

Authentication fails.
:/InstantRails/ruby/lib/ruby/1.8/net/http.rb:567: warning: using default DH parameters.
C:/InstantRails/ruby/lib/ruby/1.8/net/http.rb:586:in `connect': certificate verify failed
(OpenSSL::SSL::SSLError)
from C:/InstantRails/ruby/lib/ruby/1.8/net/http.rb:586:in `connect'

(username and password is provided in lowercase without square brackets and with a space in between (no
comma))

Code: See http://ruby.about.com/od/tutorials/ss/delicious_tags_4.htm provides xml output
<?xml version='1.0' standalone='yes'?>
<tags>
<tag count="1" tag="for:adobe" />
<tag count="1" tag="rails" />
<tag count="1" tag="restful" />
<tag count="2" tag="ruby" />
<tag count="1" tag="rubyonrails" />
<tag count="1" tag="system:unfiled" />
</tags>
warning: peer certificate won't be verified in this SSL session

This code also provides post by changing to posts/recent as in the example of page 31.

It says "A bucket name can only contain the characters A through Z, a through z, 0 through 9, underscore, period, and dash." However, in the previous paragraph, you suggested using names like "directory/subdirectory/file-object".

You map the Amazon "Access Key ID" to @@public_key and the "Secret Access Key" to @@private key in your Authorized module.

I *think* there is an error in the signed_uri method.

The "expires" variable is carefully set but never
passed to the "signature" method (as the last argument)
where it can be passed thru to "canonical_string" to set the
Date: header. Yet on the next page (69) the need to override
the Date: header with the "expires" time is emphasized with
a direct reference to the code for "canonical_string"
in Example 3-18.

Either I missed something subtle or there's a mistake.

The steps "4.) Expose a Subset of a Uniform Interface" and "5.) Design the Representations Accepted from
the Client" are not supposed to be introduced until Chapter 6 p.148 (and are not discussed in Chapter 5).

As a result later in Chapter 6 p148 the list is identical to p109 even though it is declared that two
steps have been added.

Says:
[{url="http://maps.example.com/Earth,description="Earth"},
{url="http://maps.example.com/Venus,description="Venus"},
...]

The JSON format requires names to be quoted and name/value pairs to be separated by colons (and not by an "equals" sign as in the example). I think the correct example should be:

[{ "url" : "http://maps.example.com/Earth", "description" : "Earth"},
{ "url" : "http://maps.example.com/Venus", "description" : "Venus"},
...]

The JSON specification is at http://json.org and a json validator can be found http://jsonlint.com

Given the established convention of including the zoom level on the portion of the URI containing the map
type, the caption for figure 5-1 on page 127 should be

/road.3/Earth/images/37.0,-95.png

instead of what is printed:

/road/Earth.3/images/37.0,-95.png

Given the established convention of including the zoom level on the portion of the URI containing the map
type, the URI in paragraph 3 on page 128 should be:

http://maps.example.com/road.8/Earth/images/37.0,-95.png

instead of what is printed:

http://maps.example.com/road/Earth.8/images/37.0,-95.png

Also, the zoom level should be 3 instead of 8 since this URI is meant to be referencing the example on the
previous page.

p.s. - In the body of the last error report I sent, I mentionded page 127 instead of the correct page for
the error 128.

To confirm and add to an existing report: the XHTML is poorly formed. For example, the opening <dd> tag is missing for the "maps" unnumbered list.

To confirm and add to an existing report: the XHTML is poorly formed. For example, the opening <dd> tag is missing for the "maps" unnumbered list.

The "repeat" attribute on the input element (<input name="show" repeat="template") is astonishing to
people familiar with (X)HTML. It gets explained on page 136 after it's used again, but it should be
explained when first used.

The note explains the use of the "repeat" attribute on (X)HTML input elements. While it's true that this
is part of the nascent XHTML 5 specification, the documents in the book claim to be XHTML 1.1. Those that
use features introduced in XHTML 5 are not valid XHTML 1.1. The note makes it clear that this is a
convenient shorthand; it should also point out that the resulting documents are not useful in the real
world. (In fact, they should never be, as written; they'll need to be modified to use the XHTML 5 doc type
once it exists.)

I think "CGI::escape("password=#{password}") should be whatever the Ruby syntax is for "password="
concatenated with CGI::escape("#{password}"). The note that follows says that the password is form-
encoded, which is the correct behavior. If the equals sign is form-encoded, the server will see a name
that includes an encoded equals sign instead of a name=value pair.

'<input class="password"' -> '<input type="password"'
'<input class="submit"' -> '<input type="submit"'

ruby/ch7/service/config/routes.rb is missing in source archive RESTful_Web_Services_sample_code.zip

The "user_id_from_username" filter was not mentioned anywhere in the book.

This should be "must_specify_user".

The "<screen>" element appears to be a mistake. It's never closed, and I couldn't find any such element in
the Atom spec.

"index and show simply delegate to the show_bookmarks action" does not agree with the code. While index
calls show_bookmarks, show actually (and somewhat perversely) calls render_bookmarks.

Digest::SHA1.new(password).to_s

is no longer supported under Ruby 1.8.6. To work, app/models/user.rb would have to be updated to:

# Performs a one-way hash of some data.
def self.hashed(password)
Digest::SHA1.digest("string").to_s
end

Alternately some additional code in the config/environment.rb as shown in
http://coderrr.wordpress.com/2007/09/14/incompatibility-between-rails-116-and-ruby-186/
may resolve the problem.

Code in
ruby/ch3/S3lib.rb
ruby/ch8/calculate-wsse-digest.rb
may be similarly affected

Digest::MD5.new(new_uri).to_s doesn't work with the current version of Ruby

The correct code is:

Digest::MD5.hexdigest(new_uri)

to_s is unnecessary

It says:

response_code = e.io.status[0].to_i
if response_code == "409" # Conflict

I'm guessing you should compare ints to ints and strings to strings.

qop-auth --> qop=auth

The response to the second request has a different Etag than the first. Since the second response
indicates that the entity was not modified, shouldn't the tags be the same? In a testing with a few Web
sites, I found that the Etag in a 304 response always matched the Etag in the request.

The URL in the "Location" header should presumably match the URL in the text on the following page.

WRONG: Location: http://www.example.com/leonardr/photos/my-guinea-pig.atom
RIGHT: Location: http://www.example.com/leonardr/photos/20070124-1.atom

The right URL is mentioned in the middle paragraph on page 280 as the URI to which the document can be PUT
if modified. There seems to be no where else the .../20070124-1.atom URL could have come from.

Delete the initial "<![CDATA[ " before the XML prolog.

I guess this is a hint that the authors wrote the book in XML, but didn't quite get the escaping right
when incuding an XML fragment in an XML document.

The "name" of the <input> element does not match the name in the resulting search URLs.

WRONG: <input name="query" type="text" />
RIGHT: <input name="q" type="text" />

as the next paragraph mentions generated URLs:
http://search.example.com/search?q=jellyfish and
http://search.example.com/search?q=chocolate
which include "q=", not "query=".

The example wadl file for del.icio.us uses a mix of two different wadl specifications: 20061109 (https://
wadl.dev.java.net/wadl20061109.pdf) and 20060802 (https://wadl.dev.java.net/wadl20060802.pdf). The example
does not validate with either schema.

The application has the namespace for the earlier version, but the "header" value for param node's "style"
attribute is not defined in this version. It is used in example 9-10.

For the later revision, "header" is defined, but the "style" attribute is required for all params. The
param in example 9-12 would need a "style" attribute.

It says "v1 inside posts inside recent", however that doesn't match the actual nesting of the tags in the XML.

img.setAttribute("title", image["Height"]);

Oops, that's a copy-and-paste bug ;)

"PUT /weblogs/{id}: Delete a weblog."

PUT != DELETE

It says "Content-Type: text/plain" and then "Content-Type: text/html" when really they're supposed to be the same.