[twitter-dev] Re: New oAuth Authorization screen is unusable on phone webbrowser control
OK I spoke to soon :) It does still seem to be working on UIWebView,
not sure about other mobile web browsers.
I do like the look and feel of the new login pages
On May 1, 8:54 am, Rich rhyl...@gmail.com wrote:
Twitter what have you done, it takes WEEKS to get updates through
Apple's review process and now you break all apps that use oAuth
through embedded browser controls, and yet seriously how is it any
different to using xAuth.
Please restore this ASAP!
On May 1, 12:54 am, Matthieu GD matthie...@gmail.com wrote:
On Apr 30, 7:13 pm, Tom van der Woerdt i...@tvdw.eu wrote:
On 5/1/11 12:47 AM, Matthieu GD wrote: On Apr 30, 12:09 pm, Tom van der
Woerdti...@tvdw.eu wrote:
I've heard this before.
It sounds like all UIWebView, WebBrowser and probably Android's WebView
are blocked. This is definitely a *good* thing for security reasons.
They are not blocked, it's *only* a problem of layout.
Are you sure? A block of CSS saying html { display: none; } doesn't
look like a problem, more like a feature. The workaround I recommend:
launch the actual browser, using a
yourapp:// link (something like myapplication://tokenDone) as the
return URL. This is a LOT safer for the users.
I have the same problem, and I don't see why using a webcontrol is a
security problem. Since xauth is the exception, why twitter is making
the use of oauth so hard ?
You should read the article athttp://goo.gl/xI0PZ
Not sure if my previous message get trough.
ok now we know it's insecure. But why removing the page without notice
since it's not easy to deploy a new version of a native application?
We have lived with xAuth (and it's still used by some applications
like full-fledged clients) during several months until oauth was
ready.
Matthieu
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: New oAuth Authorization screen is unusable on phone webbrowser control
I figured out an easy workaround for WP7 WebBrowser: 1) Navigate to a local dummy page in your isolated storage before going to the oAuth page -- somehow this fixes the scrolling 2) Set the width of the 'auth' div to the width of your screen by invoking javascript on the browser-- this uncrowds the page. Wasted 2 days on this nonsense :( On Apr 30, 3:47 pm, Matthieu GD matthie...@gmail.com wrote: On Apr 30, 12:09 pm, Tom van der Woerdt i...@tvdw.eu wrote: I've heard this before. It sounds like all UIWebView, WebBrowser and probably Android's WebView are blocked. This is definitely a *good* thing for security reasons. They are not blocked, it's *only* a problem of layout. The workaround I recommend: launch the actual browser, using a yourapp:// link (something like myapplication://tokenDone) as the return URL. This is a LOT safer for the users. I have the same problem, and I don't see why using a webcontrol is a security problem. Since xauth is the exception, why twitter is making the use of oauth so hard ? Matthieu -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: New oAuth Authorization screen is unusable on phone webbrowser control
On May 1, 7:52 am, Bob12345 yuz...@gmail.com wrote: I figured out an easy workaround for WP7 WebBrowser: 1) Navigate to a local dummy page in your isolated storage before going to the oAuth page -- somehow this fixes the scrolling 2) Set the width of the 'auth' div to the width of your screen by invoking javascript on the browser-- this uncrowds the page. Wasted 2 days on this nonsense :( Thanks Bob for the workaround, not easy to implement but still a temporary solution. A better one would be that Twiter restores the page so we could migrate our application. Matthieu -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: New oAuth Authorization screen is unusable on phone webbrowser control
and the doc page for OOB authentication is not available : http://dev.twitter.com/pages/auth#oob Amateur hour here we come I'm going to ask for a xauth exception On May 1, 7:52 am, Bob12345 yuz...@gmail.com wrote: I figured out an easy workaround for WP7 WebBrowser: 1) Navigate to a local dummy page in your isolated storage before going to the oAuth page -- somehow this fixes the scrolling 2) Set the width of the 'auth' div to the width of your screen by invoking javascript on the browser-- this uncrowds the page. Wasted 2 days on this nonsense :( On Apr 30, 3:47 pm, Matthieu GD matthie...@gmail.com wrote: On Apr 30, 12:09 pm, Tom van der Woerdt i...@tvdw.eu wrote: I've heard this before. It sounds like all UIWebView, WebBrowser and probably Android's WebView are blocked. This is definitely a *good* thing for security reasons. They are not blocked, it's *only* a problem of layout. The workaround I recommend: launch the actual browser, using a yourapp:// link (something like myapplication://tokenDone) as the return URL. This is a LOT safer for the users. I have the same problem, and I don't see why using a webcontrol is a security problem. Since xauth is the exception, why twitter is making the use of oauth so hard ? Matthieu -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] New oAuth Authorization screen is unusable on phone webbrowser control
Hi Bob, Tom, and others, On Apr 29, 2011, at 11:50 PM, Bob12345 wrote: I've been using a WebBrowser control in my Window Phone application to login into Twitter. Today I noticed that the login/authorization page format had changed and it is now unusable in a web browser control that my application displays. The text on the page is squeezed together, and the page unscrollable. I've seen a couple of reports of this concerning rendering in the current browser on Windows Phone 7. This is obviously unintended and I'm working on a fix. On Apr 30, 2011, at 9:09 AM, Tom van der Woerdt wrote: It sounds like all UIWebView, WebBrowser and probably Android's WebView are blocked. This is definitely a *good* thing for security reasons. The workaround I recommend: launch the actual browser, using a yourapp:// link (something like myapplication://tokenDone) as the return URL. This is a LOT safer for the users. Although I'm personally a strong advocate of the protocol redirects, I can assure you that we have not actively blocked access to the OAuth screens in any context or browser with these updates. If you're having trouble with the auth screen in a web view, I'm going to need more information from you because there's no debugging tool for a UIWebView in third party apps. If you can trap any rendering or script errors from a browser view control in your development environment, please send them to me and I'll use them to look for any problems. Email me directly if you prefer. Thanks, Ben / @benward / Twitter platform developer -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] API requests redirect my server to /suspended
Hello,
My application currently gets an access token and save it to a
database for each member of my website. I checked the access tokens
saved for my account and the ones in Your Apps MyApp My Access
Token and they are correct. My account is not suspended and there is
nothing on my application's page which says that it is suspended
neither.
I don't understand why I am redirected to /suspended when I request a
page like /statuses while both of my account and my app are accepted.
Is there anybody who can explain my problem ?
I'm developing in Ruby using the OAuth gem. I do something like :
OAuth::AccessToken.new(MyApp::Application.twitter_consumer, db_token,
db_token_secret).get('/statuses')
with the MyApp::Application.twitter_consumer method returning :
OAuth::Consumer.new(consumer_key, consumer_secret, { :site = 'https://
api.twitter.com' })
Thank you,
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk
[twitter-dev] Problem with $connection-get('account/verify_credentials')
I'm a newbie with the Twitter API. I have no problem sending a user
from my site to Twitter via the api and receiving authentication.
Here is the code I use for that, tweaked from Nettus.
?php
// Twitter API Example--Nettuts
session_start();
require_once('inc/twitterOAuth.php');
// make sure you swap these for your own!
$consumer_key = '* * * *';
$consumer_secret = '* * *';
// create some request tokens
$toa = new TwitterOAuth($consumer_key, $consumer_secret);
$tokens = $toa-getRequestToken();
// store it in our session
$_SESSION['oauth_request_token'] = $tokens['oauth_token'];
$_SESSION['oauth_request_token_secret'] =
$tokens['oauth_token_secret'];
$_SESSION['oauth_state'] = 'SENT';
// send the user on their way
header('Location: '.$toa-getAuthorizeURL($tokens['oauth_token']));
?
OK, no problem. However, I cannot then use the tokens I receive back
from twitter to make a connection. Here is the code I am trying to
use.
html
head
titlePHP test post to Twitter/title
/head
body
table width=70% align=centertrtd
brbr
stuff starts here
brbr
?php
// $val1 = $_GET['ot'];
// $val2 = $_GET['ov'];
echo 'step one ... brbr';
require_once('inc/twitterOAuth.php');
require_once('inc/config.php');
echo 'step two ... brbr';
// $CONSUMER_KEY = '* * * *';
// $CONSUMER_SECRET = '* * * *';
// $OAUTH_TOKEN = '* * * *';
// $OAUTH_SECRET = '* * * *';
define(CONSUMER_KEY, * * * );
define(CONSUMER_SECRET, * * * *);
define(OAUTH_TOKEN, * * * *);
define(OAUTH_SECRET, * * * *);
echo 'step three ...brbr';
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET,
OAUTH_TOKEN, OAUTH_SECRET);
$content = $connection-get('account/verify_credentials');
echo 'step four ...brbr';
$connection-get('users/show', array('screen_name' =
$_REQUEST['screen_name']));
$login_status = Hi .$_SESSION['OAUTH_TOKEN']['screen_name']., are
you ready to archive?bra href='./clearsessions.php'logout/a;
$logged_in = TRUE;
?
br
?php echo $login_status; ?
brbr
stuff ends here.
/td/tr/table
/body
/html
The page stops loading after echo 'step three ...brbr'; and
goes blank. Anyone have an idea why these two lines do not work--
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET,
OAUTH_TOKEN, OAUTH_SECRET);
$content = $connection-get('account/verify_credentials');
Is the problem that I am missing a step? All I got in step 1 was a
request token but not an access token?
Thanks,
Joe
p.s. Apologies to the mod for sending my cons sec key with the post.
Not a good idea to post code at in the wee hours, especially a sat
night.
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk
[twitter-dev] Default Access type doesn't change after saving
Hello. I need to create an App that has Read Write access. While creating the App I chose it to have this type of access type, but after saving I noticed that the access type was read-only, so I chose to edit the App and even after selecting Read Write and submitting, the default access type was still read-only. Does anyone knows what could be the problem? Any help is greatly appreciated. burningfuses -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: New oAuth Authorization screen is unusable on phone webbrowser control
this message don't indicate any security concerns:
http://groups.google.com/group/twitter-api-announce/browse_thread/thread/3aac43cb45873232
On Apr 30, 7:13 pm, Tom van der Woerdt i...@tvdw.eu wrote:
On 5/1/11 12:47 AM, Matthieu GD wrote: On Apr 30, 12:09 pm, Tom van der
Woerdti...@tvdw.eu wrote:
I've heard this before.
It sounds like all UIWebView, WebBrowser and probably Android's WebView
are blocked. This is definitely a *good* thing for security reasons.
They are not blocked, it's *only* a problem of layout.
Are you sure? A block of CSS saying html { display: none; } doesn't
look like a problem, more like a feature. The workaround I recommend:
launch the actual browser, using a
yourapp:// link (something like myapplication://tokenDone) as the
return URL. This is a LOT safer for the users.
I have the same problem, and I don't see why using a webcontrol is a
security problem. Since xauth is the exception, why twitter is making
the use of oauth so hard ?
You should read the article athttp://goo.gl/xI0PZ
Tom
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: New oAuth Authorization screen is unusable on phone webbrowser control
On Apr 30, 7:18 pm, Ben Ward benw...@twitter.com wrote: Hi Bob, Tom, and others, On Apr 29, 2011, at 11:50 PM, Bob12345 wrote: I've been using a WebBrowser control in my Window Phone application to login into Twitter. Today I noticed that the login/authorization page format had changed and it is now unusable in a web browser control that my application displays. The text on the page is squeezed together, and the page unscrollable. I've seen a couple of reports of this concerning rendering in the current browser on Windows Phone 7. This is obviously unintended and I'm working on a fix. Thanks Ben for your message. Matthieu -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Twitter Share button: Change url to share *after* page loaded completely
Hi, I have a homepage where I want to enable users being able to share a radio station they just created. (See http://burnynet.de/combofm) I tried various things, like changing the data-url element or reloading the element completely, etc. Sadly I cannot find any documentation on widgets.js. The button script seems to run when the page is loaded and nothing more. The share button with the inbuilt url shortener would save me a lot of work. Any Ideas? Regards, tburny -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Geolocation and Twitter API
Hey Padma, This location attribute is specific to geo searches (search API requests with geocode parameter), and reflects the way tweets are matched: - It is taking the Geo attribute if the tweet is geotagged. - Otherwise, it fallbacks to the tweet author's location (as defined in its profile). By the way: If you're looking for precision, you should take a look on the Streaming API (statuses/filter method with the locations parameter). Only tweets created using the Geotagging API will be matched this way (no fall-backing to Twitter profile). More info on http://dev.twitter.com/pages/streaming_api_methods#locations Arnaud / @rno http://twitter.com/rno On Fri, Apr 29, 2011 at 4:22 PM, harik padmahar...@gmail.com wrote: hI ... I am trying to map the tweets which I can retrive using Twitter Search API. This is what I have observed. When I search for tweets based on location(lat n long) using the query: search.twitter.com/search.atom?geocode=37.781157,-122.398720,1mi I see that (in the xml format) there is location tag where the latitude ,longitude or semantic address like minneapolis,MN etc are mentioned. But suppose I search for tweets based on a keyword ,say IPL search.twitter.com/search.atom?q=@IPL Then I do not see any location tag in the atom code.In fact I am not able to get any kind of location information . I know that not may people have enabled the geolocation feature,so the % of tweets having the location is very less. But What I have cross checked is,I used a map interface, and when I click on it ,it takes the co-ordinates and gives the tweets near by .These have the location tag.Suppose I choose a word from the first tweet and then search for that word as a search keyword, the I do get the same tweet as the latest tweet ,but it does not have the location tag. Why is this so? Can any one tell me -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] API requests redirect my server to /suspended
Hey Thomas,
/statuses is not a valid API endpoint, and our routing system assumes
you're trying to reach the statuses account, which is suspended (cf
http://twitter.com/statuses).
Take a look on our timeline resources on http://dev.twitter.com/doc and use
one of these endpoints (for example /1/statuses/public_timeline.json)
instead.
Arnaud / @rno http://twitter.com/rno
On Sun, May 1, 2011 at 7:23 AM, Thomas Feron tho.fe...@gmail.com wrote:
Hello,
My application currently gets an access token and save it to a
database for each member of my website. I checked the access tokens
saved for my account and the ones in Your Apps MyApp My Access
Token and they are correct. My account is not suspended and there is
nothing on my application's page which says that it is suspended
neither.
I don't understand why I am redirected to /suspended when I request a
page like /statuses while both of my account and my app are accepted.
Is there anybody who can explain my problem ?
I'm developing in Ruby using the OAuth gem. I do something like :
OAuth::AccessToken.new(MyApp::Application.twitter_consumer, db_token,
db_token_secret).get('/statuses')
with the MyApp::Application.twitter_consumer method returning :
OAuth::Consumer.new(consumer_key, consumer_secret, { :site = 'https://
api.twitter.com' })
Thank you,
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker:
http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Twitter Share button: Change url to share *after* page loaded completely
Hey tburny, If you're trying to render the button after the DOM has loaded, the easiest way is to go for the iFrame version (using query string parameters to customize its behavior). More info on http://dev.twitter.com/pages/tweet_button#using-an-iframe Arnaud / @rno http://twitter.com/rno On Sun, May 1, 2011 at 3:00 PM, tburny t.bu...@gmail.com wrote: Hi, I have a homepage where I want to enable users being able to share a radio station they just created. (See http://burnynet.de/combofm) I tried various things, like changing the data-url element or reloading the element completely, etc. Sadly I cannot find any documentation on widgets.js. The button script seems to run when the page is loaded and nothing more. The share button with the inbuilt url shortener would save me a lot of work. Any Ideas? Regards, tburny -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Default Access type doesn't change after saving
Hey Cassiano, Are you still experiencing this problem? I couldn't reproduce the issue. Switching access type works fine on my side (for both newly created existing apps). Arnaud / @rno http://twitter.com/rno On Sun, May 1, 2011 at 9:30 AM, BurningFuses cassi...@gmail.com wrote: Hello. I need to create an App that has Read Write access. While creating the App I chose it to have this type of access type, but after saving I noticed that the access type was read-only, so I chose to edit the App and even after selecting Read Write and submitting, the default access type was still read-only. Does anyone knows what could be the problem? Any help is greatly appreciated. burningfuses -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
