There was a very easy solution, IMHO, to the basic auth issue that I am surprised twitter didn't consider.
1) Add a new field to user profile settings that is "Allow basic authentication for API." Set this to be false by default for all users. You can even set a scary message here discouraging its use. 2) If you try to post to this account with basic auth, it just wont work, and will return a "basic auth is disabled" error. 3) Even basic users would be capable to switching this to true so their app would work. Its not too late twitter. On Sep 13, 10:07 am, isaiah <isa...@mac.com> wrote: > The bonus is that it's a way to still use plain old curl for testing. > Awesome! > > On Sep 13, 9:21 am, Dewald Pretorius <dpr...@gmail.com> wrote: > > > They must have known that this was going to be discovered. We're > > developers. We like building, testing, and breaking stuff. > > > Unequal applications of the rules. Happens all the time. Months after > > you've disabled something at the request of Twitter, you find well- > > known services that do exactly the same thing with apparent impunity > > in a much worse form than you did. > > > On Sep 13, 10:40 am, funkatron <funkat...@gmail.com> wrote: > > > > Read on this post:http://blog.nelhage.com/2010/09/dear-twitter/ > > > > Tested just now:http://gist.github.com/577273 > > > > If I pass "source=twitterandroid", it appears to work on all API > > > methods. > > > > In light of basic auth being "disabled," why does this work? > > > > -- > > > Ed Finklerhttp://funkatron.com > > > @funkatron > > > AIM: funka7ron / ICQ: 3922133 / XMPP:funkat...@gmail.com -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
