Hi all,
This could be a long email.

I read Raffi's post today,the original post is here:

I think the abandon of HTTP basic auth would be a disaster for all
Chinese twitter users.

The gov of China runs a big censorship system called GFW. Wikipedia
gives more information about GFW here:

GFW blocked many websites like facebook, twitter, youtube, plurk and
so on. So how does Chinese users post tweets from twitter client? We
uses Twitter API proxy.

A twitter API proxy is a simple script which redirect all POST and GET
request it received to twitter.com. These scripts are written in PHP
or Python, so it can be set up on virtual host outside China or on

Basically, a API proxy script works as a middleman between twitter and
twitter client, little like man-in-the-middle attack.It's possible to
do this if the authentication is made in HTTP basic auth.But there is
no way to do the same thing with OAuth. The base string of an OAuth
request contains the domain of the HTTP request, so all client
developers modify their code if they want to suite the need of API

This is really a disaster for all Chinese twitter users.

Reply via email to