Hehe, I am not sure if there is anything you can do other than support cookies again :)
From an API point of view for itsabot I need to be able to detect the current twitter user, whilst the rest of the functionality is accessed through a proxy using my account and auth details. I think that it would be good if http referrers to the api could be whitelisted so that the request could be authenticated but only from sites approved by twitter. If there were a referral Whitelist it could be used to reduce the number of proxy calls I need to make and could also be used to reduce the chance that people use my proxy for nefareous means. The good thing about cookies for GET requests is that I don't need to ask twitter users for any of their details. From a twollo point of view, several thousand users have used their password details on the service, now I have to manage and secure this so that it can auto follow on their behalf. In light of recent incidents by other services (although it hasn't deterred users of twollo) I would like to see methods where users can trust my application to add followers, for instance, without the need for their twitter details. Kind regards, Paul Kinlan On 9 Jan 2009, at 22:03, "Alex Payne" <[email protected]> wrote: > > Apologies. If there's some way that we can help within the realm of > API methods that we support, let me know. > > On Fri, Jan 9, 2009 at 11:39, Paul Kinlan <[email protected]> > wrote: >> >> It's unfortunate, because it did work before yesterday. >> >> I can no longer get the user timeline without a) asking them for a >> username and b) using a proxy account. >> >> It is unfortunate again because I have created www.twollo.com which >> requires a users username and password and I have been hoping to move >> away from that, and now www.itsabot.com no longer has the >> interactivity it once had. >> >> I will have to work around it but it just won't be as good and I am >> not to pleased because I have 4 more projects in the pipeline that I >> am putting on ice. >> >> Regards, >> Paul >> >> >> On 9 Jan 2009, at 19:02, "Alex Payne" <[email protected]> wrote: >> >>> >>> Cookie support was, as you mentioned, never actually support, and >>> it's >>> definitely disabled. There's a method you can use to find if the >>> user >>> is logged in, but not WHO the user is. That's intentional. >>> >>> On Fri, Jan 9, 2009 at 10:33, Paul Kinlan <[email protected]> >>> wrote: >>>> Hi, >>>> >>>> I am seeing problems using the JSON api calls to >>>> statuses/user_timeline.json?suppress_response_codes=1 from a >>>> webpage >>>> (www.itsabot.com) are now comming back saying that the call >>>> requires >>>> authentication where as in the past the auth cookie went accross >>>> with the >>>> request from a SCRIPT tab and the data came back. >>>> >>>> Now I know "cookie auth" is not supported, but I find it hard to >>>> perform any >>>> form of useful "hands off" interaction without. Can you clarify >>>> that cookie >>>> support to JSON endpoints no longer work? >>>> >>>> Many Kind Regards, >>>> Paul Kinlan. >>>> >>>> >>>> 2009/1/9 Alex Payne <[email protected]> >>>>> >>>>> It's long since fixed. >>>>> >>>>> On Fri, Jan 9, 2009 at 00:51, Paul Kinlan <[email protected]> >>>>> wrote: >>>>>> >>>>>> Hi, >>>>>> >>>>>> I know this is probably a cheeky questions, what is there an eta >>>>>> for >>>>>> the fix? My site www.itsabot.com is getting a lot of >>>>>> authentication >>>>>> problems at the moment. >>>>>> >>>>>> Kind Regards, >>>>>> Paul Kinlan. >>>>>> >>>>>> On Jan 9, 12:33 am, "Alex Payne" <[email protected]> wrote: >>>>>>> This is a bug, deployed as part of a related fix to our handling >>>>>>> of >>>>>>> web sessions vs API authentication. A fix is pending deploy >>>>>>> while we >>>>>>> resolve some issues with our cluster's internal network. >>>>>>> >>>>>>> -- >>>>>>> Alex Payne - API Lead, Twitter, Inc.http://twitter.com/al3x >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Alex Payne - API Lead, Twitter, Inc. >>>>> http://twitter.com/al3x >>>> >>>> >>> >>> >>> >>> -- >>> Alex Payne - API Lead, Twitter, Inc. >>> http://twitter.com/al3x >> > > > > -- > Alex Payne - API Lead, Twitter, Inc. > http://twitter.com/al3x
