Going through the new OAuth2.0 Specs ( rfc 6749 ), I see that Implicit Grant protocol workflow uses Url Hash Fragments to exchange the 'access_token' between the Authorisation server and the public client.
See Specs: http://tools.ietf.org/html/rfc6749#section-4.2
Cannot the Authorisation grant response be send as 'Query Params' instead of the Url fragment, keeping other parts of the flow as it is ?
Basically I cannot understand the limitation that made spec authors of OAuth2 chose url hash fragments for Implicit grant flow authorisation ?