Wouldn't a regular HTTPS proxy be sufficient? On Fri, Feb 12, 2010 at 11:00 AM, yegle <cnye...@gmail.com> wrote:
> Hi all, > This could be a long email. > > I read Raffi's post today,the original post is here: > > https://groups.google.com/group/twitter-development-talk/browse_thread/thread/c2c4963061422f28 > > I think the abandon of HTTP basic auth would be a disaster for all > Chinese twitter users. > > The gov of China runs a big censorship system called GFW. Wikipedia > gives more information about GFW here: > http://en.wikipedia.org/wiki/Golden_Shield_Project > > GFW blocked many websites like facebook, twitter, youtube, plurk and > so on. So how does Chinese users post tweets from twitter client? We > uses Twitter API proxy. > > A twitter API proxy is a simple script which redirect all POST and GET > request it received to twitter.com. These scripts are written in PHP > or Python, so it can be set up on virtual host outside China or on > GAE. > > Basically, a API proxy script works as a middleman between twitter and > twitter client, little like man-in-the-middle attack.It's possible to > do this if the authentication is made in HTTP basic auth.But there is > no way to do the same thing with OAuth. The base string of an OAuth > request contains the domain of the HTTP request, so all client > developers modify their code if they want to suite the need of API > proxy. > > This is really a disaster for all Chinese twitter users. > -- Harshad RJ http://hrj.wikidot.com