Hi Jeff,
If you have added a User-Agent header you shouldn't have any
problems with the new restriction.
Thanks;
– Matt Sanford / @mzsanford
Twitter Dev
On Jun 24, 2009, at 10:00 AM, feesta wrote:
Hi all,
I'm fairly new to app development and am working with Google Appengine
at
Hi all,
I'm fairly new to app development and am working with Google Appengine
at the moment. My app (http://www.twitwheel.com/) makes two calls to
the search API for each page view. I've just added the user agent to
my urlfetch calls. Do I still need to worry about the 100/hour rate
limit? I've o
Setting the user agent is not only in the best interest of Twitter.
It's in your best interest as well.
I've been setting my user agent from almost day #1 of my service, and
on several occasions it has helped me to get quick response and issue
resolution from the API team for both REST and Search
Doug,
thanks for clarification. So we'll continue to send a reasonable User Agent
header from our apps, and assume that for now you won't reject all calls
without them. We can of course also add the X-Twitter-* headers, as Craig
suggests, in our next releases.
Thanks,
Marco
2009/6/17 Doug Willia
Craig,
That is an excellent example of what we would like to see. You've identified
your application and given us the URL to learn about it. Perfect.
Thanks for sharing.
Doug
On Wed, Jun 17, 2009 at 10:15 AM, Matt Sanford wrote:
>
> Hi Craig,
>
>I didn't know about the X-Twitter-Client h
Hi Craig,
I didn't know about the X-Twitter-Client headers, thanks for the
info.
Thanks;
– Matt Sanford / @mzsanford
Twitter Dev
On Jun 17, 2009, at 10:09 AM, Craig Hockenberry wrote:
Matt & Doug,
Here's some more information to help fingerprint search requests:
The MGTwitter
Matt & Doug,
Here's some more information to help fingerprint search requests:
The MGTwitterEngine library sends the following X headers by default:
X-Twitter-Client: MGTwitterEngine
X-Twitter-Client-Url: http://mattgemmell.com/source
X-Twitter-Client-Version: 1.0
These can be overridden by th
Marco,
I was giving us breathing room. In 6 days, we will require this data but
enforcement will be manual in most cases. My strict language above is to
ensure that developers know we reserve the right to terminate their
applications without warning if they are abusing the system and not
including
Doug,
citing from your original mail:
"Any request not including this information will be returned a 403 Forbidden
response code by our web server."
How does it map to what you say now, that "a best effort is sufficient", if
you reject any request without those header(s) with a 403 response? Aga
I think you misspelled "Ar," matey!
On Tue, Jun 16, 2009 at 9:22 PM, Brian Gilham wrote:
> R
>
> --
> *From*: Doug Williams
> *Date*: Tue, 16 Jun 2009 17:31:11 -0700
> *To*:
> *Subject*: [twitter-dev] Re: Search API to requ
R
-Original Message-
From: Doug Williams
Date: Tue, 16 Jun 2009 17:31:11
To:
Subject: [twitter-dev] Re: Search API to require HTTP Referrer and/or User
Agent
For most applications, enforcement of this requirement will be subject to
manual review. We want a marker (Referrer and/or
For most applications, enforcement of this requirement will be subject to
manual review. We want a marker (Referrer and/or User Agent) to help
understand who top searchers are when problems arise and if we can determine
a better data access plan for their needs. End-users and clients never hit
our
You are still missing my point - desktop clients may not be able to send a
User Agent or Referrer, based on the network infrastructure the use is
locked into. Nothing in your repsonse addressed this issue.
I am fully willing to send the requested data in the clients (and I already
do), but I have
As you have determined, we just a better way to track who is making requests
and at what volume. If you are doing janky things and we don't know who you
are (no referrer or user agent) then we have no contact for your
application. We will block the IP address and move on.
However if you would like
Perhaps some sort of signature/app value in the URL request query
string? That will make it through proxies and firewalls, and is just
as easily spoofed as HTTP-Referrer and User-Agents...
-Chad
On Tue, Jun 16, 2009 at 5:36 PM, Marco Kaiser wrote:
> Matt,
>
> far from getting into RFC debates, b
Matt,
far from getting into RFC debates, but really concerned for the non-server
apps out there, which may not have full control over the network
infrastructure they run on. If I set up my own server(s) at a data center, I
sure can take care of sending you the right referrer and user-agent, but
un
On Tue, Jun 16, 2009 at 5:05 PM, Matt Sanford wrote:
> Hi there,
> While all of this flame is keeping my feet warm it's not really
> productive.
Are you sure this is a flame war as defined by RFC 1855 [1]?
...sorry, had to :)
-Chad
[1] http://www.faqs.org/rfcs/rfc1855.html
Hi there,
While all of this flame is keeping my feet warm it's not really
productive. This isn't Slashdot comments, let's try and remain on
topic rather the getting into RFC debates. To be even more explicit
than my previous email: Use the user-agent. Referrer will be taken
care of by
How does one set the http referrer and user agent?
On Jun 16, 12:33 pm, Doug Williams wrote:
> Hi all,
> The Search API will begin to require a valid HTTP Referrer, or at the very
> least, a meaningful and unique user agent with each request. Any request not
> including this information will be
I agree with Stuart, this might be tricky for client applications that are
running behind firewalls / proxies that might remove both header fields, and
neither the app author nor the user might have any control over this.
Finally, that means you'll lock out those people from using search in their
p
If the User-Agent/Referrer says "Twitpay", and it's really me, when Twitter
contacts me, I'll answer, and we'll work it out.
If the User-Agent/Referrer says "Twitpay", and it's *not* really me, when
Twitter contacts me, I'll tell them, and they'll block the IP.
It's a starting point for figuring t
2009/6/16 Naveen Kohli
> Redefining HTTP spec, eh :-)
> Whatever makes twitter boat float. Lets hope for the best. Just concerned
> that some firewalls or proxies tend to remove "referrer".
What a completely ridiculous thing to say. It's not "redefining" anything.
If Twitter want to require som
Redefining HTTP spec, eh :-)
Whatever makes twitter boat float. Lets hope for the best. Just concerned
that some firewalls or proxies tend to remove "referrer".
On Tue, Jun 16, 2009 at 1:05 PM, Stuart wrote:
>
> It's optional in the HTTP spec, but mandatory for the Twitter Search
> API. I don't
Hey guys.
This has already been banged out in the RSS wars (of which I'm a
veteran and have the battle scars).
Don't use a Referrer unless it's literally a page with a link or
search page.
You should use a User-Agent here (which is what it is designed for).
The browser should generally send th
2009/6/16 Chad Etzel
>
> On Tue, Jun 16, 2009 at 1:05 PM, Stuart wrote:
> >
> > It's optional in the HTTP spec, but mandatory for the Twitter Search
> > API. I don't see a problem with that.
>
> Erm, for sites like TweetGrid, TweetChat, etc, which are all
> browser-based client-side driven sites,
Thanks for chiming in on this Chad!
On Jun 16, 12:10 pm, Chad Etzel wrote:
> On Tue, Jun 16, 2009 at 1:05 PM, Stuart wrote:
>
> > It's optional in the HTTP spec, but mandatory for the Twitter Search
> > API. I don't see a problem with that.
>
> Erm, for sites like TweetGrid, TweetChat, etc, whic
I checked and TweetGrid was setting a referrer (on the page I tested,
it was http://tweetgrid.com/grid?l=0), and as Matt said all should be
fine for us Client-side Search API peeps.
Brooks
On Jun 16, 12:10 pm, Chad Etzel wrote:
> On Tue, Jun 16, 2009 at 1:05 PM, Stuart wrote:
>
> > It's optiona
Hi all,
Let me clarify a bit. For server-side processing please set the
User-Agent header. I recommend using your domain name, or if you don't
have one (which is odd) your appname. Something like "myapp.com" or
"myapp". By using domain name we'll be able to check out the site and
rea
Totally understand the need. I asked for clearer criteria because in
message one, you state you'll require
"a valid HTTP Referrer" or "a meaningful and unique user agent"
I can probably define a valid HTTP Referrer as containing a URL that
exists, but a meaningful/unique user agent is somewhat i
On Tue, Jun 16, 2009 at 1:05 PM, Stuart wrote:
>
> It's optional in the HTTP spec, but mandatory for the Twitter Search
> API. I don't see a problem with that.
Erm, for sites like TweetGrid, TweetChat, etc, which are all
browser-based client-side driven sites, the users' browser will make
the req
It's optional in the HTTP spec, but mandatory for the Twitter Search
API. I don't see a problem with that.
Doug: Presumably the body of the 403 response will contain a suitable
descriptive error message in the usual format?
-Stuart
--
http://stut.net/projects/twitter
2009/6/16 Naveen Kohli :
The logical thing would be to set the referrer to the domain name of
your application. If it doesn't have one I'd say use your Twitter user
URL (i.e. http://twitter.com/stut).
Most HTTP libs in most languages will set a default user agent, and
it's usually pretty easy to override it. I'd suggest
Why would you make decision based on "Referrer" which is an OPTIONAL header
field in HTTP protocol? Making decision based on something that is
"REQUIRED" may be more appropriate.
On Tue, Jun 16, 2009 at 12:33 PM, Doug Williams wrote:
> Hi all,
> The Search API will begin to require a valid HTTP
Thanks, pretty sure we do both. Will this new (or newly enforced) policy
help clean up some garbage?
On 6/16/09 11:56 AM, "Doug Williams" wrote:
> All we ask is that you include a valid HTTP Referrer and/or a User Agent with
> each request which is easy to do in almost every language. Both woul
Indeed, some clearer criteria would be most appreciated.
--
Ed Finkler
http://funkatron.com
Twitter:@funkatron
AIM: funka7ron
ICQ: 3922133
XMPP:funkat...@gmail.com
On Jun 16, 12:51 pm, Justyn Howard wrote:
> Thanks Doug - Any additional info to help us know if we comply? My dev is
> out of the
All we ask is that you include a valid HTTP Referrer and/or a User Agent
with each request which is easy to do in almost every language. Both would
be helpful but we only require one at this time. We simply want to be able
to identify apps and have the ability to communicate with the authors.
Than
Thanks Doug - Any additional info to help us know if we comply? My dev is
out of the country on vacation and want to make sure we don¹t miss anything.
On 6/16/09 11:33 AM, "Doug Williams" wrote:
> Hi all,
> The Search API will begin to require a valid HTTP Referrer, or at the very
> least, a me
37 matches
Mail list logo
