In fact, you could set a threshold per consumer key that you can vary.
In other words, you can then allow a higher percentage XAuth (even
100%) to an app that caters largely to a Chinese market. And 0% or 10%
to an app that caters largely to the USA market.
On Apr 26, 9:43 am, Dewald Pretorius <dpr...@gmail.com> wrote:
> I know it's a compromise. But, it does serve the needs of a very large
> number of users.
> Maybe you could monitor the authentication profile of a web app. If it
> uses more XAuth than OAuth, then you know you need to contact the
> owner. Or, you can set an automated percentage threshold, such as
> "XAuth authentications from a particular consumer key cannot exceed
> 25% of all authentications from that key."
> On Apr 26, 9:36 am, Raffi Krikorian <ra...@twitter.com> wrote:
> > > One solution, which I know won't win the popularity prize, is for
> > > Twitter to relax its XAuth restrictions and allow web apps to use full
> > > OAuth and/or XAuth, depending on what works best for them.
> > > In my case, I will still use full OAuth because it's so much better
> > > than dealing with Twitter credential issues. But, I will add a small
> > > link below the Twitter authorize button on my site that says something
> > > like, "Can't get to Twitter.com?" which then leads to a username-
> > > password entry form, and then triggers an XAuth authorization.
> > unfortunately, this defeats the purpose of oauth :(
> > --
> > Raffi Krikorian
> > Twitter Platform Teamhttp://twitter.com/raffi
> > --
> > Subscription
> > settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en