hh:mm:ss from the result-created_at?
2) how to get the time in a specified time-zone, like UTC-03 (Brazil)?
Have you considered the PHP manual, for example here
http://www.php.net/manual/en/function.date.php
Thank you.
--
Bernd Stramm
bernd.str...@gmail.com
the missing twitter post is because of this:
Twitter Message from raffi a.k.a raffi
sent on Tue May 25 01:09:27 2010
Curious how to do uploadAndPost in OAuth Echo? http://post.ly/hEdl
Where raffi explains who uploadAndPost *will* work.
Any comments ? Advice ?
--
Bernd Stramm
bernd.str
.
Is there any consideration for this? Basically all that would be needed
is an API entry point where the consumer says thanks but no more,
signed and verified as normal.
--
Bernd Stramm
bernd.str...@gmail.com
Mar 1981 05:00:00 GMT
on replies with good status. Nothing going wrong, auth works fine.
Just a funny looking date in there. Is that sombody's epoch? It looks
vaguely familiar.
--
Bernd Stramm
bernd.str...@gmail.com
)
Tell your browser to send a User Agent string that says its a mobile.
Maybe there is an undocumented parameter we can use? Something like:
http://twitter.com/oauth/authorize?mobile=1oauth_token=123abc
--
Bernd Stramm
bernd.str...@gmail.com
I would advise users to not use any of the twitter environment and
surroundings for banking transactions. And if embarrassing pics
surface, at least users have plausible deniability.
Be safe,
Bernd
--
Bernd Stramm
bernd.str...@gmail.com
On Sun, 30 May 2010 11:14:54 -0700
Abraham Williams 4bra...@gmail.com wrote:
On Sun, May 30, 2010 at 11:01, Bernd Stramm bernd.str...@gmail.com
wrote:
The user does trust the app, otherwise they would not be using it.
The problem with the scheme of using the app *and* a browser
large backlog of
xAuth requests right now and only very few resources available to
process the queue. They'll be handled as quickly as we can.
Can any of you see your pending tickets on this page?
http://support.twitter.com/tickets
yes I can see mine. It contains the email I sent.
--
Bernd
easy. If an intruder can then also capture an
authorization token, they can post fake tweets and get the user in
trouble. Or get the application blacklisted, or both.
Being able to actively expire an authorization token would help protect
against this.
Be safe,
Bernd
--
Bernd Stramm
bernd.str
, and that device at some point has
to generate the consumer secret in clear text, so it can be signed. An
intruder can examine the code and intercept the secret.
--
Bernd Stramm
bernd.str...@gmail.com
that don't update will continue to work, they will just display
something different than they do now.
--
Bernd Stramm
bernd.str...@gmail.com
by making
human readable links?
If an application wants to provide the original intent of the user, it
is forced (by ToS), to present a link that doesn't go to where it says
it does. That is problematic, the application acts as spyware.
--
Bernd Stramm
bernd.str...@gmail.com
that is marked as a link, for example
http://nasa.gov;, and it does not go to nasa.gov.
If a user clicks on the link saying nasa.gov, it goes to t.co,
which does business with a third party, not telling the user anything
about it.
How is that *not* deceptive?
On Jun 9, 9:45 pm, Bernd Stramm bernd.str
the
really strong signals. That narrows what you can find, and you risk
that eventually you find only obvious things.
--
Bernd Stramm
bernd.str...@gmail.com
can get the list of user who have authorize my
application.
Along the same lines: for my case, I don't particularly care about the
identity of users, but it could be interesting to just know the number
of users.
--
Bernd Stramm
bernd.str...@gmail.com
you can make it harder to just grab the key/secret pair of open
source application A and implement application B, pretending to be A.
But what does that buy you? What does that protect against?
--
Bernd Stramm
bernd.str...@gmail.com
wait.
Oh well, why bother.
--
Bernd Stramm
bernd.str...@gmail.com
the program.
The oauth system comes from client/server concepts and client/server
thinking. In that scenario, the authentication is between one client
and two servers. That is not the case with most desktop/mobile apps.
--
Bernd Stramm
bernd.str...@gmail.com
. They are no different than browsers in this respect.
--
Bernd Stramm
bernd.str...@gmail.com
that says http://this.that.com;.
--
Bernd Stramm
bernd.str...@gmail.com
location for more than 5 years. The satellite image, with a
copyright of 2010, still doesn't show the building.
--
Bernd Stramm
bernd.str...@gmail.com
question:
why is that the Ruby default? Did they Ruby author forget the year and
then decided to tack it on the end?
--
Bernd Stramm
bernd.str...@gmail.com
to that of a popular
smart phone, and you get a nice little login page.
--
Bernd Stramm
bernd.str...@gmail.com
that it should be
possible to invalidate tokens.
Bernd
--
Bernd Stramm
bernd.str...@gmail.com
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api
.
Bernd
--
Bernd Stramm
bernd.str...@gmail.com
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http
, but that was some weeks ago.
Tom
On 9/3/10 6:47 PM, Bernd Stramm wrote:
On Fri, 3 Sep 2010 01:27:34 -0700 (PDT)
Ken k...@cimas.ch wrote:
I thought I had found a solution, albeit a horrendously ugly one:
redirect them to http://twitter.com/logout, but even that doesn't
work
not what is normally called security.
OAuth as currently done with twitter only works when the app runs on
a small number of secure servers.
--
Bernd Stramm
bernd.str...@gmail.com
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http
posting/thread is entered).
Looks like OAuth really works out for Twitter.
Thx a lot guys, but it's time to look for something else than Twitter.
Having enough people using the service and just doing that what you
guys have done is absolutely not amusing.
--
Bernd Stramm
bernd.str
that what you guys have done is absolutely not amusing.
smime.p7s
5KViewDownload
--
Bernd Stramm
bernd.str...@gmail.com
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http
this to the Unix
Time of the server (don't do that too often, daily is fine). Later
you can use this offset and add it to the Unix Time of the server to
generate a time that is closer to the Twitter.com one.
Tom
--
Bernd Stramm
bernd.str...@gmail.com
--
Twitter developer documentation
On Sat, 04 Sep 2010 20:34:50 +0200
Tom van der Woerdt i...@tvdw.eu wrote:
On 9/4/10 8:13 PM, Bernd Stramm wrote:
On Sat, 04 Sep 2010 19:02:11 +0200
Tom van der Woerdt i...@tvdw.eu wrote:
On 9/4/10 6:08 PM, rrd wrote:
I have a website which gets friends timeline by twitter api. I use
On Sat, 04 Sep 2010 20:55:19 +0200
Tom van der Woerdt i...@tvdw.eu wrote:
On 9/4/10 8:51 PM, Bernd Stramm wrote:
On Sat, 04 Sep 2010 20:34:50 +0200
Tom van der Woerdt i...@tvdw.eu wrote:
On 9/4/10 8:13 PM, Bernd Stramm wrote:
On Sat, 04 Sep 2010 19:02:11 +0200
Tom van der Woerdt i
32 matches
Mail list logo