[twitter-dev] Blocked users appear in the API, not in the website
Guys, I opened this bug about a year ago but it got lost in the bug tracking and I'm not in the mood to search that mess again. http://imgur.com/JTxm1.png As you can see, there is one tweet that appears in the application, but it doesn't appear in the website. The reason is that the author of the tweet (the original tweet, not the retweet) is blocked, which the website does it right and don't display it, but the message still appears in the API. And no, I'm not the author or am in anyway related to Nambu, but I had the same problem with my (now defunct) application. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Blocked users appear in the API, not in the website
On Wed, Sep 8, 2010 at 1:54 PM, Tom van der Woerdt i...@tvdw.eu wrote: The API doesn't check for blocked users. You need to implement that manually. So for every request for the user_timeline I need to request the list of blocked users, to have a proper list in case the user blocks someone in the website? That sounds incredible stupid. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Switch to OAuth - How to
On Mon, Sep 6, 2010 at 12:13 PM, Le Thanh Dong mr.thanhd...@gmail.com wrote: Thanks for the reply, but I want to get tweets via friend timeline. Since Twitter switch to OAuth, I can not do this so far. If the account is public, you can unauthenticated request the home_timeline. If the account is private, then, unfortunately, you'll have to register your app to get a app secret and token and, at least once, request the authorization for that app in the account. Once you get the authorization token, you can use it indefinitely (or till Twitter revokes it, but they don't have a timeout at this time.) -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Password in a source
On Mon, Sep 6, 2010 at 10:41 AM, Tom van der Woerdt i...@tvdw.eu wrote: Just put the keys in the executable but not in the source. Really, it's your only option. Well, actually that's not true, because you can also simply proxy all traffic via a server, but that's not ideal. I may be wrong here, but if my memory doesn't fail, if you distribute a binary package under the GPL, you're required to distribute the exact same source that created that binary. You can distribute your application in GPL and distribute another binary, closed sourced package with the API keys and such, which you must then dlopen(). -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Password in a source
On Mon, Sep 6, 2010 at 12:45 PM, Tom van der Woerdt i...@tvdw.eu wrote: I'm not 100% sure, but I'd assume that the license doesn't apply to the creator. :-) Creator no, it's a distribution license. But, since he's the one distributing the application... -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
On Wed, Sep 1, 2010 at 7:58 PM, John Meyer john.l.me...@gmail.com wrote: And that assumes that you distribute the consumerkey and consumersecret with the app. Nothing about Open Source requires this. You could just as easily just distribute the source and require that users obtain their own ConsumerKey combos. The problem, in this case, is the awkward UX. Hello user! Thanks for downloading application X! To use it, you must register your application on Twitter, then authorize it to be used! And don't forget to use the proper options or it won't work, ok? Oh wait I sec... Why I need to register and _then_ authorize it? It doesn't make sense! That other application don't ask me all this shit... -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
On Wed, Sep 1, 2010 at 9:56 PM, John Meyer john.l.me...@gmail.com wrote: And rendering the key useless to the spammer. And to you. And your users. That's the whole problem with it. Yes, one could simply strings(1) one Mac app and probably retrieve the keys and spam the hell of Twitter with it. For the spammer, it doesn't matter if the key is revoked as he could just get another one; the real problem appears to legit users that follow all the guildelines and really contribute for the system. The fact that open source apps, distributing their keys, make them easy targets for valid keys but that doesn't mean that applications that protect their keys are safer. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
On Wed, Sep 1, 2010 at 9:57 PM, John Meyer john.l.me...@gmail.com wrote: That's the way Twitter Tools for Wordpress works, and it isn't ackward at all. It's description leaves something to be desired, but it ain't rocket science. WordPress users are a complete different beast than desktop users. Even if you use some easy install process like Dreamhost One Click Install, you still need to know where your WordPress install is, unpack and install in the proper directory. Most desktop users don't want that hassle; the application that works is the one that they click the icon and it just works. Or one that they can just keep pressing next, next, next, ok. If you ask them to register their apps with the proper configurations on Twitter site (and, as far as I remember, the registration page defaults to browser apps and not desktop apps), they will believe your app is too hard to use and will take one that doesn't ask them so many things, even if their real security is not even slightly better. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
On Wed, Sep 1, 2010 at 10:20 PM, John Meyer john.l.me...@gmail.com wrote: 1. reverse engineering a consumer key combo from a legit program, creating user accounts and generating tokens, spamming it until it's locked out, tracking down another legit program, reverse engineering it, lathering, rinsing, and repeating vs. 2. generating his own consumer keys through twitter and using those. the spammer's going to take #1. ... unless he manages to get hold of an app like Tweetie or even Twitter for iPhone, which are hugely used around. I really doubt Twitter would revoke those applications secret and let a huge number of users in the dark. Somehow, I would think that #2 would be a whole lot easier. Besides, whether or not you think it's safer I seriously doubt that Twitter is thinking that oAuth is the only security measure. Personally, I believe that security through obscurity is no security at all. But let's assume that OAuth is more secure (or, at least, harder to be cracked). My problem with this all is that: 1) If I want to offer the same hard to crack level of closed source apps (since they require a tool different than grep), I'd have to force my users (desktop users, remember) to register their own apps. 2) If I want to offer an easier UX, I'd have to provide my own key and, thus, offer a lower security than other apps. OAuth certainly makes sense as a model for never type your password in some weird site 'cause you don't know when they say that they couldn't connect to Twitter is really that or they are just storing your login and password to abuse the ecosystem. The whole problem with it is the revocation of keys when it's believed that the app is not behaving properly because one single point abuses it. In that case, the point should be blocked, not the application itself. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Send Custom Header
On Fri, Aug 13, 2010 at 7:41 AM, alex aakba...@gmail.com wrote: Accept: */* Connection: close User-Agent: OAuth gem v0.3.4.1 Authorization: abcdefgh Host: api.twitter.com how to send the above header to api.twitter.com through PHP ? http://php.net/manual/en/function.header.php ? -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] More button
On Wed, Aug 11, 2010 at 8:43 AM, Mark Krieger markskrie...@gmail.com wrote: 2. Assume that these calls will always really send me back 20 results ALWAYS, then if less, I know this is the last screen. Unfortunately, that won't work. Twitter retrieves the messages from the cache and then tests if they still exist. This means you could receive less than 20 and still not being in the last page. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
On Mon, Aug 9, 2010 at 1:50 PM, Meepnix moonix...@gmail.com wrote: Has this solution for Open Source applications using OAuth with the Twitter API been implemented yet? As the deadline for Basic authentication removal is looming very close; 16th August, end of this week. On another thread, Taylor said No. So, basically, you will have to let your secret leak so your users can use your app. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Re: How is this a solution?
On Mon, Aug 9, 2010 at 10:46 PM, M. Edward (Ed) Borasky zn...@borasky-research.net wrote: why not simply build as much of the functionality into the server as possible and make a browser-based app right from the start? 'Cause that's not what I want. If I wanted a browser based app, I'd write on from start and not start it as a desktop app that can run on 4 different operating systems including one mobile[1]. If I wanted a web app, I'd have to chose a hosting/provider to hold all users accounts deal with all the logistics of giving users all the data they want. Instead, I decided to write a desktop app, where the users have their data whenever they want. But you guys are taking this out of context: OSS apps _need_ a way to expose their keys (as they are part of the application itself) without having to worry about someone getting those keys and ruining the app image by posting trash or using those same keys to get the same rights a user gave to the app. [1] And no, I didn't had to add any hacks or a stupid sequence of #defines. I get all that for free. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Re: How is this a solution?
On Sat, Aug 7, 2010 at 3:17 PM, M. Edward (Ed) Borasky zn...@borasky-research.net wrote: Deploy your application as a server-based web application. It's not like that's difficult with frameworks like Rails, Django, CodeIgniter, ... And what if I have a desktop application? Should I just screw my users by either providing a very stupid user experience (making them register a desktop application) or giving the key to their data with my app? How is that a solution? -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Re: How is this a solution?
On Thu, Aug 5, 2010 at 8:41 PM, Taylor Singletary
taylorsinglet...@twitter.com wrote:
We know this isn't ideal.
No, it's not ideal: It's far far FAR from it.
But we're supporting OAuth 1.0a right now, and for the safety of our users,
for the ecosystem, and for you: please don't distribute API tokens and
secrets in your open source projects.
Two wrongs here: First of all, you're saying that closed source apps
are safer for your users ('cause, in theory, the keys are harder to
get). That's false 'cause you can't assure, nor your users and neither
the ecosystem that a certain application will call home and send
information it shouldn't. Even worse for the ecosystem is that you
guys are forcing applications to be removed from it.
The second wrong is that you're, basically, telling us that we should
punish our users with a more complicated UX because we decided to
provide them with more freedom.
I may sound pissed and I am: Twitter was build on top of open source
apps (like Rails and now Cassandra) and basically you guys are
slapping every other open source application that use your APIs in the
face.
--
Julio Biason julio.bia...@gmail.com
Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Re: Sending 1600 DMs?
If you need to send that many messages, put them on your public timeline and people that follow you will get them. On Wed, Jul 28, 2010 at 9:06 PM, Bess bess...@gmail.com wrote: There is no way to lift this DM daily limit? If I build an emergency system to report accidents then official twitter for police or Red Cross won't be able to receive more than 250 DM per day. If there is a major accidents that involve more than 250 injuries assuming each DM per injury report, Twitter will send out Whale error after exceeding that limit? On Jul 27, 10:01 pm, Mark Sievers mark.siev...@gmail.com wrote: Right on, cheers Chris! On Jul 28, 2:53 pm, Chris Thomson chri...@chris24.ca wrote: You can only send 250 DMs from one account per day:http://support.twitter.com/articles/15364-about-twitter-limits-update... -- Chris Thomson On Jul 28, 2010, at 12:47 AM, Mark Sievers wrote: http://twitter.com/blekko/status/19714365588 Kind of curious what would happen myself. The call is not itself rate- limited, and the target must be following you (ie they have opted in) so this is ok, but wonder if firing off 1600 DMs in the space of a few minutes raises any red flags in the Twitter mopther ship. http://dev.twitter.com/doc/post/direct_messages/new -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Is tweet retweeted or not.
On Sat, Jun 5, 2010 at 1:22 PM, Furkan Kuru furkank...@gmail.com wrote: Retweets are not given in the timeline. You have to get retweets and merge them. They are. Either you can call home_timeline instead of public_timeline or call public_timeline with the include_rts parameter. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] xAuth Approval?
On Tue, Apr 27, 2010 at 2:35 PM, M. Edward (Ed) Borasky zn...@comcast.net wrote: Charging money is how we pay our expenses and earn enough profit to invest in research and development for the next generation applications. ;-) Just because it's open source it doesn't mean you can't charge for it. So I'm guessing that's what John Meyer asked what open source have to with money. As a matter of fact, Richard Stallman, to fund the development of the GNU system, was selling copies of Emacs. Of course, it was not licenses (like every big company do these days), but his work and the media. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Problem sending tweets with nbsp chars
On Mon, Mar 8, 2010 at 5:15 AM, Roy Leban r...@royleban.com wrote: RoyLeban:�...@twitterapi What does like that mean? You count each nbsp as 1 char until you get close to 140 then count them as more? Sounds like a bug Don't get me wrong, but I'm guessing that your problem is that you are thinking Twitter counts chars, when it counts bytes, actually. Raffi posted an URL with the proper way to count characters: http://apiwiki.twitter.com/Counting-Characters -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] home_timeline problems with count and page/pagination
On Fri, Feb 19, 2010 at 3:48 PM, Chris Bailey ch...@cobaltedge.com wrote: 1) I don't always get 100 tweets back, even though I specified 100 for the count. For what I got, Twitter first retrieve the tweets from the cache and then tests if some of those were removed. In your case, 2 tweets were deleted and, thus, not returned in the result (although they still were present in the cache.) 2) I get zero tweets back on about page 9, yet, according to the pagination and rate limiting docs, I should be able to do about 32 pages (rate limit of 3200 tweets, with asking for 100 per page) I did a quick search and couldn't find anything. But, again, if my memory doesn't fail, the total number of tweets you can retrieve are based on the total number of tweets in the cache. Either that or I'm confusing it with the search cache. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Re: Application Suspended
On Mon, Feb 15, 2010 at 8:55 PM, Cameron Kaiser spec...@floodgap.com wrote: Quite. I've never felt in any way intimidated by the API group, and any disagreements I have had with their policies have been entirely constructive. I feel more intimidated by people in this group than the core Twitter team. I mean, some day, someone may compare me with some nazi stuff, or do empty threads of moving to some other service... -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Retweets not appearing in status/user_timeline when using JSON output
On Fri, Feb 12, 2010 at 2:26 PM, Raffi Krikorian ra...@twitter.com wrote: from http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-statuses-user_timeline Note: For backwards compatibility reasons, retweets are stripped out of the user_timeline when calling in XML or JSON (they appear with 'RT' in RSS and Atom). If you'd like them included, you can merge them in from statuses retweeted_by_me. Or use the home_timeline. Just wondering if pointing to home_timeline wouldn't be better than pointing to retweeted_by_me... -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Statuses/Show Method doesn't display multiple statuses?
On Fri, Jan 29, 2010 at 3:59 AM, Kevin Marshall falico...@gmail.com wrote: I believe you are looking for user_timeline: http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-statuses-user_timeline home_timeline, actually. It's like user_timeline but with retweets. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Re: Using OAuth keys in an open source application
On Tue, Jan 19, 2010 at 3:03 AM, ryan alford ryanalford...@gmail.com wrote: Raffi's answer in the third post was under the impression that the OP was referring to releasing his consumer keys as part of his open source code for others to download his CODE and use for their own applications. This is what Raffi was referring to when he said to use a configuration file to store the consumer keys and have a README file for the end user. The end user being the developer that downloaded the code. Not all applications will be run by developers. Mitter is run by end users, on their desktops. If I have to force every open source user to go and register a new application to be able to update their status on Twitter, they will simply use the website 'cause it's way easier than doing the whole process. Yes, security is important. But when security is a burden to the user experience, people will not use your application. I'm kinda worried about the work end-users will have when they try to run Mitter on their N800. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] twitter whitelisting
On Tue, Jan 19, 2010 at 2:36 PM, Cube Whidden lxx.septuag...@gmail.com wrote: I have submitted a request to be whitelisted by twitter almost two weeks ago. I googled around and found that it normally takes 1 week in the past. Does anyone know the average time it takes to get whitelisted these days? Also, if you get rejected, will I get an email with the reason so that I can correct what is lacking? (Note: I'm not related to Twitter or the approval of whitelists in any way.) For what I read in this list, yes, you should get an email saying why your application was rejected. Or, at least, get an email, since the rejection app was buggy a few weeks ago (so you get an email, but it didn't say why it was rejected.) Also, as far as I know, the approval or rejection is a manual process, so it should be someone at the twoffice to check it. Raffi (I think) mentioned that the twitter team was in holidays last week, so that may explain the delay. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Access to user retweets without authorisation
On Thu, Jan 7, 2010 at 3:05 PM, Alison W alis...@gmail.com wrote: I have a product which I need to update for the 'internal' RT feature (as opposed to sending with 'RT' on the front manually). As a security feature of the product I do not ask for nor require the user to give me authorisation for Twitter access in any way - I'm never doing an update and only retrieving public tweets, so to demand a key is unnecessary and a possible - if theoretical - security hole I feel. Using http://api.twitter.com/1/statuses/user_timeline.json?user_id=0 used to bring in everything, but now it doesn't. The only available option appears to be http://api.twitter.com/1/statuses/retweeted_by_me.json except that demands authentication for all users, even though they may be public on the web interface, etc. It seems two complete different things to. The user_timeline will retrieve the things send to the user. In a way, retweets by the user are already in the user_time, so there is no need to retrieve them again (there is a problem about pointing the tweets retweeted in the timeline, but that's a complete different subject.) If you want the normal timeline PLUS the retweets by users the user_id follows, you should use home_timeline instead (which is the normal user_timeline + retweets of following.) Other than that, I can't really understand what you are trying to do. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] conversation chain
On Tue, Jan 5, 2010 at 3:27 AM, pallabi paul pallabi...@gmail.com wrote: Hi , Thanks for your reply.But actually i am talking about the conversation thread returned by the twitter .I am using this url to get the conversation thread as xml. http://search.twitter.com/search/thread/statusid If twitter uses reply_to_id (most probably), if you get the first message of the thread or a message that it is not a part of a thread, it will return just one message. Try to build a thread using the in_reply_to and you'll understand. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Access OAuth Pages Externally
On Sun, Jan 3, 2010 at 4:15 PM, SeriousSamP seriouss...@yahoo.co.uk wrote: I am trying to send retweets using retweet.it from rss data. I was hoping to filter out the ones that matched certain keyword criteria and automatically retweet them from a php page that can only be accessed wehn logged in as it uses you account. Can anyone help me with this? If retweet.it sends you the message id, you can retweet using: http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-statuses-retweet You'll need oAuth (or use the basic auth) to retweet the messages, though. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Access OAuth Pages Externally
On Sun, Jan 3, 2010 at 6:06 PM, SeriousSamP seriouss...@yahoo.co.uk wrote: Thanks, However, Retweet.it is a site that rewards you for sending retweets and I am trying to automate this process. I am looking for a way to access the php which sends the retweets. Either by passing data to the URL, :COOKIE maybe? Or from a php page that does the whole thing which I can then call. Maybe you should check if they have an open API for that and contact their support/development list in any case. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] How can I retrieve a list of my Twitter's followers name?
On Sun, Dec 27, 2009 at 7:47 PM, humbucker oursystemfai...@gmail.com wrote: I'm creating a little app that would display only the tweets of my followers, and so, I would be interested to know if I can retrieve a list, an xml, or a file with the alias/name of my followers to evaluate them prior to displaying their tweets ? If you request /statuses/followers (http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-statuses followers) you'll get a list of followers, their names and their last status/tweet. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Re: Loose ends for List and Retweet APIs
On Fri, Dec 18, 2009 at 10:27 PM, Cameron Kaiser spec...@floodgap.com wrote: Or conceivably (though arguably janky) there could be an additional parameter you provide for the user timeline that opts you in to having retweets appear. e.g. ?include_retweets=true Right, exactly. I would adore this. What would be the difference between this and home_timeline ( http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-statuses-home_timeline )? -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: [twitter-dev] Kill the new RT feature - it's non-relational
On Mon, Nov 23, 2009 at 2:49 AM, chuckblakeman cfblake...@gmail.com wrote: Ignoring Relationship Building Quite the contrary. If one of my friends retweets someone that I'm not following and it's interesting enough, I'll probably follow the original author. It's a way for your followers to show interesting thoughts and things that they thing THEIR followers will thing it's interesting enough to follow. Elitist Arrogance As far as I know, you don't see when one of your followers retweets someone you posted. Increased Meaningless RT Traffic 'Cause all Twitter traffic is meaningful? It can be abused, yes. But EVERYTHING twitter provides in the form of APIs can be abused in a way or another. Mass following/unfollowing, by any chance? Summary Summary: You don't understand twitter or the new retweet feature. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: I must be stupid.
On Sat, Aug 15, 2009 at 7:25 AM, Adam Shannona...@ashannon.us wrote:
foreach ($oauth['parms'] as $parm) {
$request_uri = $request_uri . $parm;
}
Well, you didn't state the results you're getting (which error) so I'm
just guessing here. If I'm not mistaken, PHP uses a hash for array
indexes and, thus, it may be adding the elements in the $request_uri
in the wrong order. I can't remember how to do that in PHP, but in
Python it would be something like:
for key in sort(oauth['params'].keys()):
request_uri += oauth['params'][key]
--
Julio Biason julio.bia...@gmail.com
Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: RateLimit Calculation
On Wed, Aug 12, 2009 at 7:01 AM, shiplushiplu@gmail.com wrote: Oops! Basic Mistake! But what about I am talking about GET requests. If you're doing a GET 3 times every hour, then it would be better not use a whitelisted IP. This way, the rate limit will count to each user, not the IP (considering that you're authenticating those users.) -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: Twitter's official comment on our disabling of OAuth
On Fri, Apr 24, 2009 at 12:14 AM, djMax djm...@gmail.com wrote: What does this really mean these days? Clearly your desktop app is connected to the internet in some way at some point, Well, my *console*, *non-graphical* application is connected to the internet, yes. Also, if that makes it clear, think about a headless install. So are you just saying that you never want to have to display an HTML page? If Lynx can display, so can I. But remember that there is no copy'n'paste or anything of sorts in there. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: rate-limit and whitelisting
On Thu, Apr 23, 2009 at 10:29 AM, Lien Tran lientra...@gmail.com wrote: QUESTION 1: Does this mean that if my user is signed up with multiple Twitter applications, then the total number of requests that those applications can make on behalf of my user is 100? That is, the 100 rate limit is split across all the applications? Yes. If you have 10 apps running at the same time doing authenticated requests, then all of them count to your rate limit. Some applications try to act a little bit smarter and do unauthenticated requests while possible/not capped and switch to authenticated requests when that happens. QUESTION 2: If I have a application server with several hundred thousand users, and I have my IP address whitelisted, does this mean I can make only 2 requests per hour for all users that are registered with my server? I never whitelisted a server, but I pretty sure it means you can do 2 requests per hour from that IP, no matter which user you use. Also, I think those won't count to the user personal limit rating. If so, then I'm not sure how whitelisting will help me here. Am I better off with just relying on the account rate limit of 100? Depends on what you trying to do. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: rate-limit and whitelisting
On Thu, Apr 23, 2009 at 10:49 AM, Chris Latko ch...@latko.org wrote: Excuse my ignorance on this, but aren't you forced to use either an authenticated or unauthenticated call depending on the API method? If this is the case, then you really don't have an option on how these calls are made. I don't think you're forced to do unauthenticated calls on any API. There are some that require authentication, like direct messages and some that fall into an ambiguous position due the public/non-public tweets. E.g., if a user have a protected timeline, you need to be authenticated to request the user_timeline of that user; otherwise, doing an unauthenticated request will work fine. Mentions probably fall in the same category (you can get some mentions using the search API, but it won't return protected updates.) -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: Twitter's official comment on our disabling of OAuth
On Thu, Apr 23, 2009 at 10:23 AM, Chris Latko ch...@latko.org wrote: I'm going to have to side with Alex on this one. The APIs should be protected by OAuth and that is what should be pushed out and the basic auth deprecated. What I don't really understand is why it has taken until now to promote OAuth. I understand OAuth is an evolving standard, but it has been around for quite a while. Still waiting for a good explanation of how to use OAuth in a console-only, no-browser environment. Until then, I see that Basic Auth should remain active. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: Update API (with OAuth) failed on Unicode tweet
2009/4/12 Cmdr J0hn kazuhiro.is...@gmail.com: Now, I send a Unicode charactor, あ (not sure displayed on your screen properly, it's Japanese) [...] status=%E3%81%82 (It's utf-8, I guess. 3 bytes needed for one Japanese charactor) I think you're not encoding this properly. You're sending one character, so you should send just one code, not three. Sure, Twitter should not break if you do this but, at the same time, your encoding is not right. Looking at your example, it seems you're converting your UTF-8 to a string of bytes and sending each byte separately, which should not be the case. (I have the slight impression that it should be something like status=%4054 or some other very right value, but, again, just one character, not three.) -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: counting rate limits against an oauth consumer
Hey, I'm guessing it would allow some abuse. Someone would start requesting application IDs like crazy and spam the hell of the system. Once he blow up one application ID, it would just switch to another one. Although some sort of list-of-applications-sorted-by-requests would allow a user to easily see the applications that are not behaving nicely. On Sun, Apr 12, 2009 at 1:16 PM, cpatil cpa...@gmail.com wrote: Hi, Is there a reason why the rate limit is not applied to an oauth consumer (the application) instead of the authenticating user? It would prevent an offending application to use up the limits of a user and allow other applications continue to be able to service the user. thx/c -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: how to put my own source instead of web
Andrew, please, less noise and more info. You are getting really annoying lately. Noorani, the source parameter is a code, which you had to request. I'm saying had 'cause, as a few hours ago, Twitter decided to remove the request form for new applications using the Basic Auth. See http://groups.google.com/group/twitter-development-talk/browse_thread/thread/ce57405a08483877 I guess the safe way is check if there is a new version of the library you're using that uses OAuth instead of Basic Auth or look for another library. Twitter keeps a list of libraries here: http://apiwiki.twitter.com/Libraries#PHP On Thu, Apr 9, 2009 at 11:50 PM, Andrew Badera and...@badera.us wrote: Unpossible! Can't not do it! Thanks- - Andy Badera - and...@badera.us - Google me: http://www.google.com/search?q=andrew+badera Sent from Albany, NY, United States On Thu, Apr 9, 2009 at 4:24 AM, K.A.Noorani khurramnoor...@gmail.com wrote: I've been developing a web-based twitter application in PHP that uses Arc90 PHP Twitter API Client (http://lab.arc90.com/2008/06/ php_twitter_api_client.php). The only thing that is making me crazy that when I submit a tweet from my application it puts from web and the end, but what I need is that it should put from Foo where Foo represents the name of my application and clicking on Foo should take the user to my website, like the other twitter applications such as TweetDeck, Seesmic, etc do. I would like to tell you that in the API client that I am using, there is a parameter of source in the class constructor and I've tried passing a href='http://www.foo.com' target='_blank'Foo/a but still it shows web instead of Foo. Do I have to pass something really special in the source parameter? Any Ideas? Thanks in advance! -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: how to put my own source instead of web
It doesn't give you the right to be obnoxious. If you don't want to answer, don't answer. Adding noise to the list won't help anyone. On Fri, Apr 10, 2009 at 12:00 AM, Andrew Badera and...@badera.us wrote: Actually Julio what's really annoying are lazy eternal September people who can't be bothered to read the FAQ and docs on their own, and those who facilitate them by handholding and spoonfeeding. On Thu, Apr 9, 2009 at 9:58 AM, Julio Biason julio.bia...@gmail.com wrote: Andrew, please, less noise and more info. You are getting really annoying lately. Noorani, the source parameter is a code, which you had to request. I'm saying had 'cause, as a few hours ago, Twitter decided to remove the request form for new applications using the Basic Auth. See http://groups.google.com/group/twitter-development-talk/browse_thread/thread/ce57405a08483877 I guess the safe way is check if there is a new version of the library you're using that uses OAuth instead of Basic Auth or look for another library. Twitter keeps a list of libraries here: http://apiwiki.twitter.com/Libraries#PHP On Thu, Apr 9, 2009 at 11:50 PM, Andrew Badera and...@badera.us wrote: Unpossible! Can't not do it! Thanks- - Andy Badera - and...@badera.us - Google me: http://www.google.com/search?q=andrew+badera Sent from Albany, NY, United States On Thu, Apr 9, 2009 at 4:24 AM, K.A.Noorani khurramnoor...@gmail.com wrote: I've been developing a web-based twitter application in PHP that uses Arc90 PHP Twitter API Client (http://lab.arc90.com/2008/06/ php_twitter_api_client.php). The only thing that is making me crazy that when I submit a tweet from my application it puts from web and the end, but what I need is that it should put from Foo where Foo represents the name of my application and clicking on Foo should take the user to my website, like the other twitter applications such as TweetDeck, Seesmic, etc do. I would like to tell you that in the API client that I am using, there is a parameter of source in the class constructor and I've tried passing a href='http://www.foo.com' target='_blank'Foo/a but still it shows web instead of Foo. Do I have to pass something really special in the source parameter? Any Ideas? Thanks in advance! -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: friends_timeline, website and replies
Twittelator probably isn't sending the in_reply_to_status_id, so Twitter is taking the second as a mention and not a proper reply. On Mon, Apr 6, 2009 at 9:57 AM, SuNcO sunco...@hotmail.com wrote: Before post this i do a search but didn't found this exactly If i check the friends_timeline.xml, the first two msgs are replies. I can see the replied_user_id, nick etc.. But in web i can't. I just see the first reply You can see a screenshot here: http://sunco.codigoplus.com/twitter1.png (290 KB) -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: changing source URL
On Tue, Mar 31, 2009 at 12:37 PM, Chris Cairns nochan...@gmail.com wrote: I know its taken. But i must be able to use it. QuickSilver is open-source. It means that some other client took the quicksilver id already. Both clients you mention could use the same name but different ids. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Problem with the limit count with POSTS
Hi there, I just found a problem with rate limit count. A few days ago, my app (Mitter) started getting weird always 100 remaining requests available all the time. At the time I ignored that. Today I was trying to get the X-RateLimit-Remaining header and there was no way to find out why I was not receiving it. Then it clicked: I added the since_id parameter but, due the way Python urllib2 module behaves, adding it in the body makes a POST request instead of GET. Getting /statuses/friends_timeline.json works fine this way but, because it's a POST, it doesn't count to the limit and the response, also fine, doesn't return the X-RateLimit-Remaining. If possible, I'd suggest to keep things this way, but add the X-RateLimit-Remaining on EVERY request (as it says in the issue) and count every request unless the url is /statuses/update. PS: Before anyone says anything, I found that in the development trunk; the exploit is not in the wild yet. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
[twitter-dev] Re: VT100 twitter client
There is also Mitter, which provides a GTK and two console interfaces (one interactive, one not.) http://code.google.com/p/mitter /shameless plug On Tue, Mar 17, 2009 at 12:08 PM, Cameron Kaiser spec...@floodgap.com wrote: Has anyone written a VT100 twitter client or emacs twitter mode or similar? There are a number of text clients, including one for vim, and I'm pretty sure I have seen a couple for emacs. I am excessively fond of http://www.floodgap.com/software/ttytter/ but being its author, I suppose that's to be expected. -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- Everything you think you know is wrong. -- Jack Chalker -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: SPANISH OR SPECIAL CHARACTERS
On Fri, Jan 30, 2009 at 11:21 AM, Daniel danielatiklo...@gmail.com wrote: I'm using ASP.NET to post status updates into twitter but all the accents and special characters are shown as ?. (Disclaimer: I know zits about ASP.NET) Looks like you're getting the message in ASCII and pointing that you're sending them url-encoded. You should url-encode the message before sending it. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: Only @reply Tweets have conversation threads?
On Fri, Jan 30, 2009 at 8:29 AM, drupalot oax...@gmail.com wrote: A quick follow-up. We noticed today that in the rest API, under the following section (URL pasted below) it shows the anatomy of a Tweet, including the in_reply_to_status_ID. Doesn't this mean that we can call from Twitter for the in_reply_to_status_ID for any Tweet? And thus create accurate conversations in our mashup for any given Tweet? That's what I do in Mitter. You may hit a protected tweet, though. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: Twitter :Not able to follow user
Sounds like the library of whatever you're using is broken. Maybe you should contact the library author. On Fri, Jan 23, 2009 at 7:34 AM, joe joe.nay...@gmail.com wrote: Need help asap I am getting this error in my application. Code not working in the application client = Twitter::Client.new( :login= askgram , :password= joenayyar) = #Twitter::Client:0xb664cf60 @password=joenayyar, @login=askgram client.authenticate?(askgram,joenayyar) = true client.status(:post,follow delbius) JSON::ParserError: unexpected token at 'Error: you are requesting an invalid URL.' from /usr/local/lib/ruby/gems/1.8/gems/json-1.1.2/lib/json/ common.rb:122:in `parse' from /usr/local/lib/ruby/gems/1.8/gems/json-1.1.2/lib/json/ common.rb:122:in `parse' from /usr/local/lib/ruby/gems/1.8/gems/twitter4r-0.3.0/lib/ twitter/model.rb:33:in `unmarshal' from /usr/local/lib/ruby/gems/1.8/gems/twitter4r-0.3.0/lib/ twitter/client/status.rb:43:in `status' from (irb):3 Working code in the same application client = Twitter::Client.new( :login= christy24 , :password= christy24)= #Twitter::Client:0xb663e30c @password=christy2, @login=christy24 client.authenticate?(christy24,christy2) = true client.status(:post,follow delbius) = #Twitter::Status:0xb6633d94 @client=#Twitter::Client:0xb663e30c @password=christy2, @login=christy24, @id=1136581018, @user=#Twitter::User:0xb6633c40 @screen_name=christy24, @url=nil, @description=nil, @id=16040188, @name=christy24, @protected=false, @profile_image_url=http://static.twitter.com/images/ default_profile_normal.png, @location=nil, @text=@delbius Need Help.Twitter account @askgram doesn't work n console but @christy24 works using twitter4r API while doing 'follow username\., @created_at=Wed Jan 21 21:54:30 +0530 2009 -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: Source of Direct Messages
The source parameter means nothing. I can change Mitter to identify itself as Twiterrifc, for example. If they take a road like that, some spammer can change the parameter to, say, YOUR application and your users will flock to something else (but, most probably, spammers won't use any source, meaning the source it's the website itself -- which proves nothing.) On Tue, Jan 6, 2009 at 9:01 AM, Jesse Stay jesses...@gmail.com wrote: In light of the current Phishing scheme, for the sake of my app and others, can Twitter include the source of the DM in the XML returned? At least this way I could start sending my App source id in the feeds so users know which apps DMs come from, and which ones are not identified. I recognize it's not a perfect solution, but it is one way I can prove to my users my own app is not compromised (yes, users are asking out there, and they're asking about many other apps as well). It's also one way my users can let me know if they find out for some reason it has been compromised (knock on wood). Thanks, Jesse -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: This is why it's Urgent
On Tue, Jan 6, 2009 at 3:47 AM, Aaron Brazell emmenset...@gmail.com wrote: Twitblogs- There is no reason why any Twitter user should simply trust an app because *you* created it. Though I inherently trust you and there's no reason to believe you would create a malicious app, no one can *verify* that. Trust yet verify. Use an open source application, then. You can verify the source yourself. -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason
Re: Using CAPTCHAs to get more followers on twitter.
On Tue, Dec 9, 2008 at 7:05 AM, Amir Michail [EMAIL PROTECTED] wrote: The CAPTCHA is used to get people to look at your tweet selection carefully. Without it, people could just post their tweet selection and use a script to automatically look at other people's tweet selections. And how would you make people look at the tweet instead of the captcha? Honestly, my opinion about it is: If you want do build it, do it. No one here will stop you. -- Julio Biason [EMAIL PROTECTED] Twitter: http://twitter.com/juliobiason
Re: Python Twitter API Wrapper problem w/ Google app engine
On 11/23/08, Amir Michail [EMAIL PROTECTED] wrote: global User = class 'twitter.User', builtin id = built-in function id, data = u'request', data.get undefined, builtin None = None, name undefined, screen_name undefined, location undefined, description undefined, profile_image_url undefined, url undefined, status = None type 'exceptions.AttributeError': 'unicode' object has no attribute 'get' Any ideas on how to get this to work? Your data object is wrong. It's a string (with the content 'request') and not a dictionary. -- Julio Biason [EMAIL PROTECTED] Twitter: http://twitter.com/juliobiason
