You currently can't. Well, at least not in a standard way. The entity making the request has to know the secret. If that entity is the browser, then it has to know the secret. You might be able to do something with gears or other offline storage I guess.
---Mark http://twitter.com/mccv On Wed, Jan 6, 2010 at 3:08 AM, Daniel Silva <danielmartinssi...@gmail.com> wrote: > But how can I made Oauth authentication without exposing my secret key with > javascript? I need to make a http request with secret key, or not? > > 2009/12/31 Phil Plante <phil.pla...@endlesspaths.com> >> >> All that aside, the other problem would be exposing your secret key. >> I am sure you can imagine how terribly bad that can end up... >> >> On Dec 30, 10:57 pm, Hari <hariharanwebm...@gmail.com> wrote: >> > Is it a case of same origin >> > policy....http://en.wikipedia.org/wiki/Same_origin_policy >> > >> > On Dec 10, 8:27 am, Daniel Silva <danielmartinssi...@gmail.com> wrote: >> > >> > >> > >> > > When I trying to do Oauth authentication with jquery it always >> > > receives a >> > > empty response. I'm doing this: >> > >> > > $.ajax({ >> > > beforeSend: function(xhr) { >> > > xhr.setRequestHeader("Authentication", authorizationHeader) >> > > }, >> > > url:'https://twitter.com/oauth/request_token', >> > > type: 'get', >> > > contentType: 'application/x-www-form-urlencoded', >> > > async: false, >> > > success: function(msg){ >> > > alert( "Data: " + msg ); >> > > } >> > >> > > }); >> > >> > > //output --> "Data: " >> > >> > > Can someone help me? >> > > -- >> > > best regards, >> > >> > > Daniel Silva > > > > -- > Cumprimentos, > > Daniel Silva >
