On Mon, Apr 26, 2010 at 1:50 PM, Ken k...@cimas.ch wrote:
For security reasons this service should be left to Twitter, but a
third party could deliver the same tokens if provided with the app's
Consumer key and secret. A bit messy though - need to change the
requesting app's callback URL -
Is there any thoughts towards setting the following header on the
Twitter API server:
Access-Control-Allow-Origin: *
For those of us developers working with web technology in closed
environments (such as PhoneGap) we can use XHR controlled requests to
Twitter - i.e. we can read headers (like the
Raffi,
One solution, which I know won't win the popularity prize, is for
Twitter to relax its XAuth restrictions and allow web apps to use full
OAuth and/or XAuth, depending on what works best for them.
In my case, I will still use full OAuth because it's so much better
than dealing with Twitter
One solution, which I know won't win the popularity prize, is for
Twitter to relax its XAuth restrictions and allow web apps to use full
OAuth and/or XAuth, depending on what works best for them.
In my case, I will still use full OAuth because it's so much better
than dealing with Twitter
In fact, you could set a threshold per consumer key that you can vary.
In other words, you can then allow a higher percentage XAuth (even
100%) to an app that caters largely to a Chinese market. And 0% or 10%
to an app that caters largely to the USA market.
On Apr 26, 9:43 am, Dewald Pretorius
One solution, which I know won't win the popularity prize, is
for
Twitter to relax its XAuth restrictions and allow web apps to
use full
OAuth and/or XAuth, depending on what works best for them.
In my case, I will still use full OAuth because it's so much
We know of some issues right now with redirection and authorization. We're
working on untangling the big bag of Christmas lights. Hope to have things
ship-shape soon.
Taylor Singletary
Developer Advocate, Twitter
http://twitter.com/episod
On Sat, Apr 24, 2010 at 5:17 PM, Abraham Williams
Are the direct message ids and status message ids unique as a group?
Can a direct message and a status message have the same id?
--
Subscription settings:
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Can I somehow use the OAuth implementation in my client to use
Streaming API without prompting for user password too?
--
Subscription settings:
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
From: twitter-development-talk@googlegroups.com
[mailto:twitter-development-t...@googlegroups.com] On Behalf Of Taylor
Singletary
Sent: Monday, April 26, 2010 10:00 AM
To: twitter-development-talk@googlegroups.com
Subject: Re: [twitter-dev] Weird @Anywhere issue when logging into
Twitter
Hi Jumpa,
OAuth isn't supported for the Streaming API yet. We'll let everyone know the
appropriate new access methods when they're fully baked.
Taylor Singletary
Developer Advocate, Twitter
http://twitter.com/episod
On Mon, Apr 26, 2010 at 3:17 AM, Jumpa giampa.ma...@gmail.com wrote:
Can I
Obtaining a single access token for your application without necessarily
implementing the entire OAuth dance shouldn't be too difficult -- there are
many OAuth libraries that include command-line tools to acquire access
tokens in this way. You could also use Twurl (
http://github.com/marcel/twurl
@raffi thanks for your replies. I didn't mean to start a discussion
about Twitter's policy here (although I can imagine some people would
like to discuss it elsewhere). I'm mostly interested in finding a
solution.
@dean: I'm not sure I understand your suggestion about using oAuth for
both the
-Original Message-
From: twitter-development-talk@googlegroups.com
[mailto:twitter-development-t...@googlegroups.com] On Behalf Of John
Meyer
Sent: Monday, April 26, 2010 10:48 AM
To: twitter-development-talk@googlegroups.com
Subject: Re: [twitter-dev] Re: countdown to OAuth /
On 4/26/2010 9:09 AM, Dean Collins wrote:
-Original Message-
From: twitter-development-talk@googlegroups.com
[mailto:twitter-development-t...@googlegroups.com] On Behalf Of John
Meyer
Sent: Monday, April 26, 2010 10:48 AM
To: twitter-development-talk@googlegroups.com
Subject: Re:
Hi,
I've noticed that if you change the avatar on twitter.com, the API
returns the new one on the XML output... but on the JSON output, the
URL is still the old one. It changes eventually, but it takes a few
hours (or even days sometimes).
I've read some older messages and the problem is quite
It's in the bug tracker, and on my list of stuff to look at. Caching
in general is a high priority issue at the moment.
---Mark
http://twitter.com/mccv
On Mon, Apr 26, 2010 at 9:19 AM, Edi edi@gmail.com wrote:
Hi,
I've noticed that if you change the avatar on twitter.com, the API
Is there a way to have twitter @Anywhere on any HTML element like a
div or an img tag?
I want to specify my twitter username too :)
Thanks in advanced!
--
Subscription settings:
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
If you mean the 20 most recent tweets from all users there's statuses/
public_timeline:
http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-statuses-public_timeline
Best Regards,
Chris White
On Apr 26, 6:55 am, millu milindsav...@gmail.com wrote:
Hello friends
I have one big problem, I
I'm seeing this error too. Help would be appreciated.
Thanks.
On Apr 15, 5:53 am, T.Kitajima kitajimatom...@gmail.com wrote:
Permission denied ... to get property Window.jQuery from https://
api.twitter.com.
My script throws XSS error. It's against same origin policy.
Can someone explain
Hey Raffi,
I see the status update at
http://status.twitter.com/post/516695583/local-trends-disabled
that local trends are slowly being restored. I see it on the web, any
indication when it will return to the API?
Thx,
@mhp
On Apr 18, 8:49 am, Raffi Krikorian ra...@twitter.com wrote:
the
Hi Raffi,
Not sure if I am following this correctly or not, but basically I have
been developing a plugin for Textpattern for a while that uses basic
authorisation to update a Twitter feed based on the username/password
set for the plugin. Does this change mean that the user would now be
Hmmm really? Breaks the rules by encouraging people to have more than
one account - Please explain how/why? How is my app any different from
any other successful twitter app?
Bulkunfollow? Really? You still have to select every user to undelete
manually - it's not like they just disappear if
i don't know very much about textpattern, however, might @anywhere be a
solution for this?
On Mon, Apr 26, 2010 at 11:08 AM, monkeyninja andy1...@gmail.com wrote:
Hi Raffi,
Not sure if I am following this correctly or not, but basically I have
been developing a plugin for Textpattern for a
hi mark.
i just called the trends api manually myself (
http://api.twitter.com/1/trends/available.xml and
http://api.twitter.com/1/trends/2367105.xml) and both seemed to work.
On Mon, Apr 26, 2010 at 11:04 AM, Mark Pavlidis mark.pavli...@gmail.comwrote:
Hey Raffi,
I see the status update at
On 4/26/2010 12:04 PM, Dean Collins wrote:
Hmmm really? Breaks the rules by encouraging people to have more than
one account - Please explain how/why? How is my app any different from
any other successful twitter app?
Oh you're right. An app touted on its ability to make multi-fold calls
It's not in this documentation, which is the first thing I found:
http://dev.twitter.com/pages/auth
-ch
On Apr 25, 1:40 pm, Abraham Williams 4bra...@gmail.com wrote:
It is specified on the XAuth documentation.
On Sun, Apr 25, 2010 at 13:39, Craig Hockenberry
I recently submitted a request for xAuth approval for a mobile app. I
was wondering if anyone knows roughly how long it takes for approval.
Thanks!
--
Subscription settings:
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
On 4/26/10 2:51 PM, John Meyer wrote:
On 4/26/2010 12:43 PM, Dean Collins wrote:
[...]
If Twitter decide that they will never allow the app to be approved for
use under the current brand then I'll just opensource the app and make
it free for anyone to use and download and everyone can get
On 4/26/2010 1:18 PM, Andrew Badera wrote:
Though I've disagreed with Dean's use and means of promoting of his
app since Day One, I hardly think his message rises to the level of
threat. I think there's enough misinformation, disinformation,
irritation and anger floating around this list these
it should be on the order of days (hopefully less - depends on our backlog
and our queue).
On Mon, Apr 26, 2010 at 11:52 AM, Tony tony.ar...@gmail.com wrote:
I recently submitted a request for xAuth approval for a mobile app. I
was wondering if anyone knows roughly how long it takes for
a bit unsure - we're still working out what the appropriate terms for xauth
should be. we just wanted it out there ASAP because of basic auth removal.
I recently submitted a request for xAuth approval for a mobile app. I
was wondering if anyone knows roughly how long it takes for approval.
On 04/25/2010 08:40 PM, John Kalucki wrote:
The user endpoint is very similar to the filter endpoint. We're tuning
the parameters, but, yes, you can track and loc, just as on filter,
but you can't follow.
Duplicated JSON isn't really a big concern, but I'll look into what we
can trim. The
Currently we deliver these to user streams. We'll probably conditional
them, default off, before we go to beta.
On Mon, Apr 26, 2010 at 12:32 PM, M. Edward (Ed) Borasky
zn...@comcast.net wrote:
On 04/25/2010 08:40 PM, John Kalucki wrote:
The user endpoint is very similar to the filter
John,
Nope, Dossy is pretty much on the money, I don't care about the money
and I'd prefer to see people using it rather than let it die.
Basically I'm a little over twitter and their amateur approaches to
certain things. I'd be the first person lining up to pay my $20 a month
or whatever for
Thanks for the info Raffi. I'll give it another day or two before
following up on the status.
On Apr 26, 3:29 pm, Raffi Krikorian ra...@twitter.com wrote:
it should be on the order of days (hopefully less - depends on our backlog
and our queue).
On Mon, Apr 26, 2010 at 11:52 AM, Tony
This is not necessarily a topic for dev group, but as a member, I am
asking for help since this could spur the development of better
algorithms for spam detection.
Is there a faster way of reporting an automated hashtag spammer other
than the report spam link on the users page?
About 10 of us
just to be clear - what xAuth is used for is to do a username/password
exchange for an oauth access token / secret (for a given application). from
then on out, that access token and secret is used to sign all requests in an
oauth manner.
On Mon, Apr 26, 2010 at 12:48 PM, John Meyer
this is a list of all the commands that are supported -
http://help.twitter.com/forums/59008/entries/14020-the-official-twitter-text-commands.
all sms commands are also available in status/update.
On Mon, Apr 26, 2010 at 12:51 PM, srikanth reddy srikanth.yara...@gmail.com
wrote:
Hi
One of
On 4/26/2010 1:37 PM, Dean Collins wrote:
John,
Nope, Dossy is pretty much on the money, I don't care about the money
and I'd prefer to see people using it rather than let it die.
Basically I'm a little over twitter and their amateur approaches to
certain things. I'd be the first person
Hello Raffi. The hashtag is #dottel and the culprit account is
@teldomaintel (JLouisBiz ThetaBiz).
He's been at it for a long time, stopped after we complained, then
started up again in a different manner.
We reported him for spam several times.
The timeline for dottel is totally polluted with
correction to last post ... useless-useful
.. He runs some kind of automated feeder that is annoying the .tel
community because no useful information can be found in #dottel
searches.
--
Subscription settings:
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
this is in ruby, but it at least shows how to do this using oauth
http://gist.github.com/279650
On Mon, Apr 26, 2010 at 2:25 PM, NASIR MANDAL nasir@gmail.com wrote:
Hi ,
Any one know how to update twitter background image, Please write me
with curl or autho by using php
--
On 4/26/2010 2:15 PM, Raffi Krikorian wrote:
just to be clear - what xAuth is used for is to do a username/password
exchange for an oauth access token / secret (for a given application).
from then on out, that access token and secret is used to sign all
requests in an oauth manner.
So in
precisely.
On Mon, Apr 26, 2010 at 2:41 PM, John Meyer john.l.me...@gmail.com wrote:
On 4/26/2010 2:15 PM, Raffi Krikorian wrote:
just to be clear - what xAuth is used for is to do a username/password
exchange for an oauth access token / secret (for a given application).
from then on out,
I've charted the Search API over a few months...
http://tweetprobe.tumblr.com/post/551639110
I'm concerned, Raffi :)
--
Subscription settings:
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
what are the units we're looking at?
On Mon, Apr 26, 2010 at 2:52 PM, mikawhite mikawh...@me.com wrote:
I've charted the Search API over a few months...
http://tweetprobe.tumblr.com/post/551639110
I'm concerned, Raffi :)
--
Subscription settings:
On 4/26/2010 3:22 PM, kprobe wrote:
Hello Raffi. The hashtag is #dottel and the culprit account is
@teldomaintel (JLouisBiz ThetaBiz).
He's been at it for a long time, stopped after we complained, then
started up again in a different manner.
We reported him for spam several times.
The timeline
Unit = an 'internal tweet' for each null/502/503 result from the
Search API.
--
Subscription settings:
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Just one question, what's a different manner? Changing accounts, hashtags?
Different account (might have been @Thetabiz), different style of
content, same hashtag. But always automated and always repeating the
same content after a while.
--
Subscription settings:
honestly, i wouldn't plan on it. the spirit of oAuth is that the user's
credentials never even pass through a web application.
On Mon, Apr 26, 2010 at 3:02 PM, John Meyer john.l.me...@gmail.com wrote:
On 4/26/2010 3:46 PM, Raffi Krikorian wrote:
precisely.
So is it a possibility that
To help the algorithms detect this type of hashtag spam, what he is
doing is varying the content slightly, with different numbers of
hashtags, and different goo.gl shortened links that loop back to
twitter status messages and provide no content whatsoever. Appears to
be an attempt to get lots of
On 4/26/2010 4:23 PM, Raffi Krikorian wrote:
honestly, i wouldn't plan on it. the spirit of oAuth is that the
user's credentials never even pass through a web application.
Now I'm confused. Is xAuth going to be a method unto itself of
authenticating for the long-term, or is this the way
let's step back.
oAuth is the general framework that we want everybody to use. applications
no longer have to store usernames and passwords, which is a good thing.
normally, to get access tokens, applications send users through the oAuth
workflow -- this means they bring up a webpage on
+1
On Apr 26, 5:01 am, Remy Sharp r...@leftlogic.com wrote:
Is there any thoughts towards setting the following header on the
Twitter API server:
Access-Control-Allow-Origin: *
For those of us developers working with web technology in closed
environments (such as PhoneGap) we can use XHR
On 4/26/2010 4:55 PM, Raffi Krikorian wrote:
let's step back.
oAuth is the general framework that we want everybody to use.
applications no longer have to store usernames and passwords, which is
a good thing.
normally, to get access tokens, applications send users through the
oAuth workflow
As long as they keep this from affecting other non-API endpoints,
+1
Other than that, it could be disastrous.
--
André Luís
On Tue, Apr 27, 2010 at 12:04 AM, rmanalan rich.manal...@gmail.com wrote:
+1
On Apr 26, 5:01 am, Remy Sharp r...@leftlogic.com wrote:
Is there any thoughts towards
I'm still not buying it that oauth is going add any value for desktop
clients with regards to password security. Basically you are now storing
token in the desktop client instead of password.
The added security is that either your malicious app, or, say some
trojan in the user's computer,
Thanks!!
- Original Message -
From: John Kalucki j...@twitter.com
To: twitter-development-talk@googlegroups.com
Sent: Monday, April 26, 2010 12:34:35 PM GMT -08:00 US/Canada Pacific
Subject: Re: [twitter-dev] Re: [twitter-api-announce] User Streams Preview Open
To All Developers
What's the latest schedule for increasing the allowed API call rate for oAuth
users? That seems to have been lost in the shuffle.
Also, is there any advantage to xAuth over the desktop PIN oAuth scheme (for a
desktop application)? I'm putting together a proposal and can't see any real
What's the latest schedule for increasing the allowed API call rate for
oAuth users? That seems to have been lost in the shuffle.
unclear - we're actively working with our infrastructure and operations
teams on capacity planning specifically so we can increase the rate limits.
Also, is
I've been working on a project that uses all .NET code to connect to the
streaming api (HttpWebRequest native JSON parsing). Several people have
already released code samples and many of the libraries have this
functionality, but I needed to build my own app. There were enough issues
along the
Also, is there any advantage to xAuth over the desktop PIN oAuth scheme
(for a desktop application)?
There sure is for TTYtter. But that's not a typical desktop app.
--
personal: http://www.cameronkaiser.com/ --
Cameron Kaiser * Floodgap Systems *
Sweet Shannon, I have my own implementation, but I'd love to see
someone else's. (TweetSharp didn't have one when I did mine.) I'll try
to find time to take a look, thanks for publishing, I hadn't got
around to publishing mine yet, too busy!
∞ Andy Badera
∞ +1 518-641-1280 Google Voice
∞ This
xAuth is a method for which to exchange usernames and passwords for those
tokens, without send the user through the workflow. this is for two
reasons: 1. mobile/desktop application authors have complained that it makes
their UX fugly when they bring up a web browser (i'll hold my opinions on
What's the latest schedule for increasing the allowed API call rate for
oAuth users? That seems to have been lost in the shuffle.
unclear - we're actively working with our infrastructure and operations
teams on capacity planning specifically so we can increase the rate limits.
just to
On Tue, Apr 20, 2010 at 3:13 PM, Marcel Molina mar...@twitter.com wrote:
If you already have RubyGems (http://rubygems.org/), you can install it with
the gem command:
sudo gem i twurl --source http://rubygems.org
After consulting with Raffi on another issue, I have registered an app
and am
Where end-user credentials are stored is entirely up to the end-user,
as is who they choose to share the information with. OAuth does not
and cannot address this, as it shouldn't - and neither should Twitter
When a user types their username/password on the Twitter authorization
screen, they are
With a users twitter password, I can take over their account by
changing email password. Can I do that with OAuth credentials?
On Mon, Apr 26, 2010 at 7:43 PM, Ron B rbther...@gmail.com wrote:
Where end-user credentials are stored is entirely up to the end-user,
as is who they choose to
You used to be able to change an accounts email address through the API but
it looks like Twitter removed that feature so no. An OAuth application can
not take over a users account.
Abraham
On Mon, Apr 26, 2010 at 17:49, philip crawford philipha...@gmail.comwrote:
With a users twitter
I have same error.
Error: Error Domain=NSURLErrorDomain Code=-1012 UserInfo=0x42969d0
Operation could not be completed. (NSURLErrorDomain error -1012.)
I will using XAuthTwitterEngineDemo
I have approval But error may be source error..
Twitter Support Mail
Thank you for your interest in xAuth.
Yes, I remember reading your post. I've seen a couple of other
implementations, but they weren't quite what I needed. It'd be interesting
to see your approach.
On Mon, Apr 26, 2010 at 5:15 PM, Andrew Badera and...@badera.us wrote:
Sweet Shannon, I have my own implementation, but I'd love to
On 04/26/2010 05:16 PM, Cameron Kaiser wrote:
xAuth is a method for which to exchange usernames and passwords for those
tokens, without send the user through the workflow. this is for two
reasons: 1. mobile/desktop application authors have complained that it makes
their UX fugly when they
xAuth is a method for which to exchange usernames and passwords for
those
tokens, without send the user through the workflow. this is for two
reasons: 1. mobile/desktop application authors have complained that it
makes
their UX fugly when they bring up a web browser (i'll hold my
Hi,
I'm using the Home and Public Timelines API in a web app. The Home
Timeline permits to have a count of the tweets to retrieve and to
paginate them, the Public not. So we have different list behaviours on
the list based API.
I think it could be a nice features for developers to have a similar
and 3. Browserless environments. I'm pretty sure that was one of the initial
motivators way back when the crud was flying.
Yeah ... but I *like* having the browser involved.
I'm so happy your world is so limited.
--
personal:
So the more correct response would be that neither OAuth or Basic Auth
can take over a user's account, since it is the API functionality that
is the gating factor.
So then you have to ask yourself, do you believe your user credentials
are more secure when only you, your app, and Twitter will ever
Hi,
I have same problem.
Received approval from Twitter.
But the same thing.
Do you have solutions?
On Apr 21, 5:13 am, sae twitp...@gmail.com wrote:
Hi,
I just set up my application forxauthand started testing.
It keeps failing with error message:
Error Domain=NSURLErrorDomain
I understand the very compelling reasons why Twitter wants to convert
to universal OAuth access. But let's quit spinning OAuth as this
great new security enhancement technology that will benefit end-
users It's not. It wasn't even meant to be. It was just meant to
help the Twitters of the
Unless I'm wrong (it happens), I believe you can do everything the API
offers with OAuth that you can currently do with basic auth. But even
if that isn't true, preventing basic auth from allowing username/
password changes is a much more direct solution (and easier) than
forcing an OAuth
80 matches
Mail list logo