Re: [twitter-dev] Re: Introducing the Follow Button
Hi Zazie, On Tue, May 31, 2011 at 1:43 PM, Zazie Lavender zazielaven...@gmail.com wrote: This is great, but I worry that this might easily be abused. The code for a follow button seems written in a way that allows the user to redress the link however they please. I see the main intent url as being easily extracted for no-js users; but this means someone could take that URL, redress it as a link someone would WANT to click on and fool people into clicking such a button to boost their own follower counts. We have anti-CSRF protection to prevent the follow endpoint being used outside of the button. We also have malware detection in place so we can quickly shut down abusive sites. Thanks, -- Dan Webb Technical Lead, Twitter For Websites d...@twitter.com / @danwrong -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk
Re: [twitter-dev] Re: alert() in anywhere.js
On Wed, May 19, 2010 at 11:27 AM, Steve C st...@twitpic.com wrote: We just rolled out @anywhere yesterday and some of our users are experiencing similar issues. http://twitpic.com/1p00d6 We rolled out a fix at the weekend that we fixed all the browsers that we test under but there are obviously still some browsers getting the issue. I think we'll use console.info to display these message instead of an alert. We wanted to let developers know that they needed a clientID in the most noticable way but to avoid unintended annoyance of users we'll move to console.log. Thanks, -- Dan Webb Front-end Engineer, Platform d...@twitter.com / @danwrong +1 415 425 5631
Re: [twitter-dev] Re: alert() in anywhere.js
On Wed, May 19, 2010 at 11:48 AM, Damon Clinkscales sca...@pobox.com wrote: On Wed, May 19, 2010 at 1:41 PM, Dan Webb d...@twitter.com wrote: On Wed, May 19, 2010 at 11:27 AM, Steve C st...@twitpic.com wrote: Just wondering...does TwitPic have a bug or misconfiguration or is this an @anywhere bug? Javascript errors at startup time (in these cases by browser bugs in certain browsers that we don't support) are causing the initialization to terminate early leaving the client ID unset. We're going to ensure that unsupport browsers fail silently rather than triggering this alert. ETA for fix is within the hour. -- Dan Webb Front-end Engineer, Platform d...@twitter.com / @danwrong +1 415 425 5631
Re: [twitter-dev] Re: alert() in anywhere.js
This does sound like a regression of some kind. We'll get this fixed ASAP. On Sat, May 15, 2010 at 3:41 PM, JohnB johnfakor...@yahoo.com wrote: Are we really talking about incorrect installations here? Twitter's own @Anywhere documentation page (http://dev.twitter.com/anywhere/ begin) is throwing this same error in older browsers, including Chrome 3.0.195. -- Dan Webb Front-end Engineer, Platform d...@twitter.com / @danwrong +1 415 425 5631
Re: [twitter-dev] @anywhere in Safari4/Mac - wont work
It looks to me like your hovercards are not finding a screen name rather than it being a browser issue. The Unsafe javascript attempt is a warning and does not effect operation. On Wed, May 12, 2010 at 8:17 AM, Felix Kunsmann fe...@kunsmann.eu wrote: Hello, I'm trying to use @anywhere hovercards in my Blog (Link below). It seems that Safari is blocking all requests to Twitter, so is there a way to fix that (or to duplicate hovercard functionality)? -- Dan Webb Front-end Engineer, Platform d...@twitter.com / @danwrong +1 415 425 5631
Re: [twitter-dev] Re: Verify user connect with @anywhere?
Shortly we'll be providing the logged in user's id along with a signature that will allow you to verify it is genuine. Stay tuned. On Wed, May 12, 2010 at 6:14 PM, Abraham Williams 4bra...@gmail.com wrote: I don't think it is officially supported as a public API but you can pull the twttr_anywhere cookie which contains an access token. https://api.twitter.com/1/account/verify_credentials.xml?oauth_access_token=xyz Abraham -- Dan Webb Front-end Engineer, Platform d...@twitter.com / @danwrong +1 415 425 5631
Re: [twitter-dev] jQuery being loaded multiple times using @anywhere
Hi Matt, At the moment there are 2 references to jQuery. We'd rather load in our own version of JQuery rather than detecting it in partner pages so we can be assured of the version we are running on top of. The reason its loaded twice is that it's used both on the client and on the server that exists in a hidden iframe. A large amount of users will have google's jQuery cached so it doesn't slow performance too much. That being said we will continue to tune @anywhere and removing external dependencies will be something we'll definitely be looking at. Thanks, Dan On Fri, Apr 16, 2010 at 8:49 AM, Matt m...@indielabs.com wrote: We've just implemented @anywhere's hovercard feature on our website and noticed that in addition to the initial loading of jQuery from Google which we were already doing, by including the Twitter script it loads jQuery 2 or 3 more times from Google. This should be fixed to only load jQuery once if it is not already detected. Here is the script we're using: script src=http://platform.twitter.com/anywhere.js? id=OURAPIKEYISHEREv=1/script script type=text/javascript twttr.anywhere(function(twitter) { twitter('.twitter a').hovercards({ infer: true }); }); /script -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Dan Webb Front-end Engineer, Web Client d...@twitter.com / @danwrong +1 415 425 5631
Re: [twitter-dev] Re: parent.twttr.anywhere._signedOutCookiePresent
Apologies for this. There was an issue with our CDN causing this which we've now fixed. It's not related to cookies. Thanks, Dan On Fri, Apr 16, 2010 at 2:54 PM, Jon j...@jgubman.com wrote: I was getting that same error earlier. Clearing out my cookies seemed to fix it, but doesn't instill confidence... On Apr 16, 2:25 pm, Craig cbernst...@gmail.com wrote: Hello, @Anywhere (just a simple install following the Getting Started instructions) worked on my site yesterday. Today, it is dead: platform0.twitter.com/1/javascripts/client.js:1: Uncaught TypeError: Object function (Z,b){if(typeof Z==function) {b=Z;Z=twttr.anywhere._config.defaultVersion}if(! twttr.anywhere._config.clientID){return alert(To set up @anywhere, please provide a client ID)}if(D==callback||D==headless){return } var Y;var a=twttr.anywhere._instances;if(typeof Z===string||typeof Z===number){Z={version:Z}}Z.version=(Z.version)? Z.version.toString():twttr.anywhere._config.defaultVersion;Z=E({window:window},Z);if((Y=a[Z.version])) {if(Y.contentWindow._ready){Y.contentWindow._init(b,Z)} else{U(Y.contentWindow,b,Z)}}else{T(Z,b)}} has no method '_signedOutCookiePresent' Oops? Craig -- Subscription settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Dan Webb Front-end Engineer, Web Client d...@twitter.com / @danwrong +1 415 425 5631
[twitter-dev] Re: @anywhere sign in button disappearing
Hi Aral, So the connect button disappears entirely after you've connected? If you reply with steps to reproduce we can look in to it. Thanks, Dan On Apr 15, 8:48 am, Aral Balkan aralbal...@gmail.com wrote: Definitely seeing it disappear while logged into a different account. Not sure if some oAuth session is being cached or something. Aral -- To unsubscribe, reply using remove me as the subject.
[twitter-dev] Re: twitter.User.current.data is not a function
The way to acheive this best would be: twttr.anywhere(function(twitter) { if (twitter.isConnected()) { alert(ttwitter.currentUser.data('screen_name')); } else { twitter(#connectArea).connectButton({size: large}); } }); Thanks, Dan On Apr 15, 7:46 am, silentgecko rwelb...@brainpool.de wrote: Same Problem here On 15 Apr., 09:47, Palleas pall...@gmail.com wrote: Hi all, I gave a try to Anywhere connect, and I have a weird issue, even if I'm using the official example provided on the website. Here is what I'm doing : twttr.anywhere(function(twitter) { if (twitter.isConnected) { alert(twitter.User.current.data(screen_name)); } else { twitter(#connectArea).connectButton({size: large}); } }); But this is what I got from firefox and Chrome : twitter.User.current.data is not a function [Break on this error] alert(twitter.User.current.data(screen_name)); Any hints? Thanks! -- To unsubscribe, reply using remove me as the subject.