Actually, I see this "functionality" as a potential security/privacy hole. I can imagine at least a couple of nefarious things websites can do by being able to detect the presence of a twitter user on their site... I remember bringing up a very similar issue with Alex earlier last year which was removed from the site. Is this behavior intentional?
-Chad On Mon, Jan 5, 2009 at 10:49 AM, Chris Heilmann <[email protected]> wrote: > > I've just played around with the user timeline to show data when the > user is logged in (http://www.wait-till-i.com/2009/01/05/detecting-and- > displaying-the-information-of-a-logged-in-twitter-user/, specifically > http://icant.co.uk/sandbox/twitter-hi-demo.html). > > This is pretty cool, and kudos to your security that when the user is > not authenticated I get a popup to authenticate. > > However, this is the problem of the script. Is there an idea of > allowing a "twitter status" API call that only would allow me to see > if the current user is authenticated? It would be useful to build for > example WordPress add-ons that only give twitter functionality when we > know the user is authenticated. > > A boolean would do, really. Or turning off the automatic login request > on the json and callback output and instead throw back an error. > > If I curl the user timeline I get this error, but not when I use the > JSON callback. > > cheers > chris >
