I'm not so sure. I recently was on twitter, and I saw an oauth thing (user point of view) for some app, and my default reaction was to freak out and close the window - it didn't explain well enough that my password wasn't going to be sent through to the third party. I immediately felt like I had no idea of where my username and password might be given...
Also, if you look through the twitter wiki's post comments, someone mentions server side scripting attack possibility. Isn't it a possibility? Julian. On 12/05/2009, at 3:05 AM, Zack Ham wrote: > Good call, OAuth is definitely the right way to do this now. > > My simple solution is applicable if the original poster doesn't care > and has no interest in changing things (they said they already are > accepting usernames and passwords). > > - Zack > > > On May 11, 2009, at 9:38 AM, Timothy Caraballo wrote: > >> Wouldn't it be better to use Twitter's OAuth API at this point? >> http://apiwiki.twitter.com/OAuth+Example+-+Ruby >> >> >>> On May 11, 2009 12:32 PM, "Zack Ham" <[email protected]> wrote: >>> >>> >>> Here's a simple example that does this using the HTTParty gem: >>> >>> In your controller to post the tweet: >>> >>> twitter = Twitter.new(username, password) >>> twitter.post(message) >>> >>> And here is the Twitter class: >>> >>> require 'httparty' >>> class Twitter >>> include HTTParty >>> base_uri 'twitter.com' >>> >>> def initialize(u=nil, p=nil) >>> @auth = {:username => u, :password => p} unless u.nil? || p.nil? >>> end >>> >>> def post(text) >>> self.class.basic_auth @auth[:username], @auth[:password] >>> self.class.post('/statuses/update.json', :query => {:status => >>> text}) >>> end >>> end >>> On May 11, 2009, at 5:55 AM, cool wrote: > > Guys, > > I need a >>> help very badly in this issue... >>> >> >> >> >> > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "merb" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/merb?hl=en -~----------~----~----~----~------~----~------~--~---
