I've seen this same (I believe) bug manifested in different ways, and
it's come up on this list before. Twitter are apparently storing some
sort of "return_to" URL or similar in your session, and sending you to
it at inopportune times.

A great way to see it in action is to click on the "Block this user"
link when you get a new follower email; after confirming the block,
you wind up at some random page you visited in the past (well, not
completely random, it'll generally be the most recent page you visited
besides the block page).


On Jul 15, 9:52 am, Scott Carter <scarter28m-goo...@yahoo.com> wrote:
> I believe that I have discovered a reproducible OAuth related bug.
>
> 1. Sign out of your Twitter account (from Twitter.com).
> 2. Authenticate an app using OAuth (haven't tried authorize flow with
> this issue).
> 3. Go to Twitter.com and login to a different account than used in
> step 2.
>
> I see the message:
>
> "Woah there!
>
> This page requires some information that was not provided. Please
> return to the site that sent you to this page and try again … it was
> probably an honest mistake."
>
> with the page URL showing:  https://twitter.com/oauth/authenticate
>
> When I revisit twitter.com, I am logged into the account from step 3.
>
> - Scott
> @scott_carter

Reply via email to