Hi, I am trying to wrap my mind around OAuth, and I am not sure I understand the subtleties.
Is it possible to make OAuth authenticated requests from browser *directly*to the Twitter API? Is it a safe & recommended way? Or do all API requests have to go through an application-specific server, to keep the credentials a secret? My hunch is that yes, an app-specific server would be required. But in that case, how do desktop-clients manage it? Or do they also route the calls through an intermediary? thanks in advance, -- Harshad RJ http://hrj.wikidot.com
