[twitter-dev] Re: Any way to turn off 'user-scalable' meta tag in OAuth authorization form?
For me the issue is usability. When I render the page on the iPhone in a webview that takes up most of the screen LCD, the size of the letters for the username and password input fields are "tiny". I showed my dad who is an older guy, but still likes Twitter, and he said he couldn't read the letters while he typed because they were so small. On Aug 12, 2:59 pm, Zac Bowling wrote: > The only issue with that is that you can't return the user to the app after > the oath flow (unless you implement a protocol handler on your platform and > Twitter supported calling back to it). > > I'm back and forth on this myself. The security advocate in me agrees with > you Taylor, but the UX guy in me causes me to strive to find a way to guide > the user through the process so that my users don't have follow too many > instructions or do to many steps get up and going. > > Zac > > Sent from my iPad > > On Aug 12, 2010, at 2:35 PM, Taylor Singletary > wrote: > > > > > There's no known way to do this today, Tony. > > > While it's obviously not a policy at Twitter, I thought I'd just take the > > time to share my personal opinion on embedded web views and the OAuth flow: > > > - Not into it. > > > Why? > > > > > > By redirecting to a standard web browser on the device where your > > application resides, your users can better understand the security scenario > > being presented to them while they are approving access for your > > application. Using an embedded webview subverts this trust, as you're > > basically providing them with a web browser of your application's design. > > Obviously, the majority of developers who implement things this way are not > > doing so with ill intent, but the opportunity for funny business increases > > when using a custom web view. > > > There are other API providers out there who forbid the use of embedded > > browsers during OAuth flows for this reason. > > > > > > Taylor > > > On Thu, Aug 12, 2010 at 2:31 PM, Tony.In.Portland > > wrote: > > Bad choice of words on my part. I want to be able to set the value to > > "yes", I want the page that comes back to be scalable. > > > On Aug 12, 2:09 pm, "Tony.In.Portland" > > wrote: > > > Is there any way to turn off the user-scalable meta tag in the page > > > that comes back during the oAuth authorization process? I want to > > > render the page in my own webview, but I want to allow the person to > > > zoom/pinch so they can expand the page so the input fields and buttons > > > are not so small. This is for a mobile device. > > > > Thanks, > > > Tony
Re: [twitter-dev] Re: Any way to turn off 'user-scalable' meta tag in OAuth authorization form?
The only issue with that is that you can't return the user to the app after the oath flow (unless you implement a protocol handler on your platform and Twitter supported calling back to it). I'm back and forth on this myself. The security advocate in me agrees with you Taylor, but the UX guy in me causes me to strive to find a way to guide the user through the process so that my users don't have follow too many instructions or do to many steps get up and going. Zac Sent from my iPad On Aug 12, 2010, at 2:35 PM, Taylor Singletary wrote: > There's no known way to do this today, Tony. > > While it's obviously not a policy at Twitter, I thought I'd just take the > time to share my personal opinion on embedded web views and the OAuth flow: > > - Not into it. > > Why? > > > > By redirecting to a standard web browser on the device where your application > resides, your users can better understand the security scenario being > presented to them while they are approving access for your application. Using > an embedded webview subverts this trust, as you're basically providing them > with a web browser of your application's design. Obviously, the majority of > developers who implement things this way are not doing so with ill intent, > but the opportunity for funny business increases when using a custom web > view. > > There are other API providers out there who forbid the use of embedded > browsers during OAuth flows for this reason. > > > > Taylor > > On Thu, Aug 12, 2010 at 2:31 PM, Tony.In.Portland > wrote: > Bad choice of words on my part. I want to be able to set the value to > "yes", I want the page that comes back to be scalable. > > On Aug 12, 2:09 pm, "Tony.In.Portland" > wrote: > > Is there any way to turn off the user-scalable meta tag in the page > > that comes back during the oAuth authorization process? I want to > > render the page in my own webview, but I want to allow the person to > > zoom/pinch so they can expand the page so the input fields and buttons > > are not so small. This is for a mobile device. > > > > Thanks, > > Tony >
Re: [twitter-dev] Re: Any way to turn off 'user-scalable' meta tag in OAuth authorization form?
There's no known way to do this today, Tony. While it's obviously not a policy at Twitter, I thought I'd just take the time to share my personal opinion on embedded web views and the OAuth flow: - Not into it. Why? By redirecting to a standard web browser on the device where your application resides, your users can better understand the security scenario being presented to them while they are approving access for your application. Using an embedded webview subverts this trust, as you're basically providing them with a web browser of your application's design. Obviously, the majority of developers who implement things this way are not doing so with ill intent, but the opportunity for funny business increases when using a custom web view. There are other API providers out there who forbid the use of embedded browsers during OAuth flows for this reason. Taylor On Thu, Aug 12, 2010 at 2:31 PM, Tony.In.Portland < tony.in.portl...@gmail.com> wrote: > Bad choice of words on my part. I want to be able to set the value to > "yes", I want the page that comes back to be scalable. > > On Aug 12, 2:09 pm, "Tony.In.Portland" > wrote: > > Is there any way to turn off the user-scalable meta tag in the page > > that comes back during the oAuth authorization process? I want to > > render the page in my own webview, but I want to allow the person to > > zoom/pinch so they can expand the page so the input fields and buttons > > are not so small. This is for a mobile device. > > > > Thanks, > > Tony >
[twitter-dev] Re: Any way to turn off 'user-scalable' meta tag in OAuth authorization form?
Bad choice of words on my part. I want to be able to set the value to "yes", I want the page that comes back to be scalable. On Aug 12, 2:09 pm, "Tony.In.Portland" wrote: > Is there any way to turn off the user-scalable meta tag in the page > that comes back during the oAuth authorization process? I want to > render the page in my own webview, but I want to allow the person to > zoom/pinch so they can expand the page so the input fields and buttons > are not so small. This is for a mobile device. > > Thanks, > Tony