Hi Brian,
Thank you, I just noticed the new OAuth specification.
I'll read the specification first and see if there is any workaround
available :-)

On Feb 12, 5:40 pm, Brian Smith <br...@briansmith.org> wrote:
> yegle wrote:
> > Basically, a API proxy script works as a middleman between twitter and
> > twitter client, little like man-in-the-middle attack.It's possible to
> > do this if the authentication is made in HTTP basic auth.But there is
> > no way to do the same thing with OAuth. The base string of an OAuth
> > request contains the domain of the HTTP request, so all client
> > developers modify their code if they want to suite the need of API
> > proxy.
> > This is really a disaster for all Chinese twitter users.
> Read Raffi's post from a few hours ago entitled "What's up with OAuth?"
> where he describes xAuth. Also, look at the OAuth WRAP draft
> specification, which defines something very similar to xAuth. In the
> (near) future, Twitter-approved applications will be able to get OAuth
> authorized with just the user's username and password, without forcing
> the user to visit the Twitter website. After they are authorized, they
> can proxy their requests like before. The proxies will undoubtedly need
> to be modified, but the modifications will not be too bad.
> - Brian

Reply via email to