Thanks for your response,

I would also choose anywhere instead of an own script, but I won't
include Twitter into my website.
I am trying to integrate the Twitter support into my Firefox Addon,
but I don't know how I have to do this.
I think that I can't integrate the Twitter anywhere script into my
plugin.
The security problem wouldn't be so big, because the API key would be
hidden in the FF plugin.
Is there any solution for my "special" problem, or exist there already
anything for Firefox plugins?

Christian

On 18 Jun., 23:42, Taylor Singletary <taylorsinglet...@twitter.com>
wrote:
> Hi Christian,
>
> Unless you're operating in a safe Javascript environment (like Palm's WebOS,
> or using server-side Javascript), it's not recommended to use OAuth 1.0a in
> Javascript because your consumer secret will be in plaintext and easily
> viewed/crawled/scraped/abused.
>
> Aside from security issues, it's also very difficult to accomplish in
> Javascript, as you'll need a library that correctly implements the HMAC-SHA1
> algorithm -- which I've personally not found yet -- but not impossible.
>
> While others on this list might offer some assistance, I recommend not
> trying to use the API with OAuth via Javascript and jQuery and use @Anywhere
> insteadhttp://dev.twitter.com/anywhere
>
> Taylor
>
> On Fri, Jun 18, 2010 at 2:35 PM, cosenary <christianm...@googlemail.com>wrote:
>
> > Hello,
>
> > I'm new to Twitter API and I try to create an easy jQuery script which
> > allows me to load the userprofile data (http://dev.twitter.com/doc/get/
> > account/verify_credentials). I already requested the oauth_token and
> > the oauth_token_secret (with php).
>
> > But I don't know the purpose of the oauth_token and the
> > oauth_token_secret. I tried to make a code with which I have access to
> > Twitter API. (I use this md5 jQuery plugin:
> >http://plugins.jquery.com/files/jquery.md5.js.txt)
>
> > Can someone help me to get along with Twitter API and jQuery.
>
> > My jQuery code:
>
> >      function microtime(get_as_float) {
> >        var now = new Date().getTime() / 1000;
> >        var s = parseInt(now, 10);
> >        return (get_as_float) ? now : (Math.round((now - s) * 1000) /
> > 1000) + ' ' + s;
> >      }
>
> >      function nonce() {
> >        var mt = microtime(true);
> >        var rand = mt_rand();
> >        var md5_hash = $.md5(mt + rand); // md5 jQuery Plugin
> >        return md5_hash;
> >      }
>
> >      // API settings
> >      var access_token = "14152914-
> > cbkQ5eR81FyMGfcenqChF5LWLvClHA8xDUQxlNd";
> >      var consumer_key = "UVITPP0P9C0Ab1XoaiyRqQ";
> >      var signature = "HMAC-SHA1";
>
> >      // API call
> >      var tw_api_url = "http://api.twitter.com/1/account/
> > verify_credentials.json?oauth_token="+access_token
> > +"&oauth_timestamp="+event.timeStamp
> > +"&oauth_consumer_key="+consumer_key
> > +"&oauth_signature_method="+signature+"&oauth_nonce="+nonce();
>
> >      $.post(tw_api_url, function(json) {
> >        alert(json);
> >      }, "json");
>
> > Thanks in advance for your help,
>
> > Christian

Reply via email to