Twitter what have you done, it takes WEEKS to get updates through Apple's review process and now you break all apps that use oAuth through embedded browser controls, and yet seriously how is it any different to using xAuth.
Please restore this ASAP! On May 1, 12:54 am, Matthieu GD <[email protected]> wrote: > On Apr 30, 7:13 pm, Tom van der Woerdt <[email protected]> wrote: > > > > > > > On 5/1/11 12:47 AM, Matthieu GD wrote:> On Apr 30, 12:09 pm, Tom van der > > Woerdt<[email protected]> wrote: > > >> I've heard this before. > > > >> It sounds like all UIWebView, WebBrowser and probably Android's WebView > > >> are blocked. This is definitely a *good* thing for security reasons. > > > They are not blocked, it's *only* a problem of layout. > > > Are you sure? A block of CSS saying "html { display: none; }" doesn't > > look like a problem, more like a feature.>> The "workaround" I recommend: > > launch the actual browser, using a > > >> <yourapp>:// link (something like myapplication://tokenDone) as the > > >> return URL. This is a LOT safer for the users. > > > I have the same problem, and I don't see why using a webcontrol is a > > > security problem. Since xauth is the exception, why twitter is making > > > the use of oauth so hard ? > > > You should read the article athttp://goo.gl/xI0PZ > > Not sure if my previous message get trough. > > ok now we know it's insecure. But why removing the page without notice > since it's not easy to deploy a new version of a native application? > We have lived with xAuth (and it's still used by some applications > like full-fledged clients) during several months until oauth was > ready. > > Matthieu -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
