Guys, I didnt understand how can i do that? Can you tell me clearly please ............
On May 12, 8:04 am, Zack Ham <[email protected]> wrote: > If all they need is a better disclaimer I wouldn't dismiss it though. > What kind of attack do you mean? The alternative is storing the > username and password and I can't imagine that wouldn't be > vulnerable? Unless you're talking about something on the twitter end? > > - Zack > > On May 11, 2009, at 5:47 PM, Julian Leviston wrote: > > > I'm not so sure. > > > I recently was on twitter, and I saw an oauth thing (user point of > > view) for some app, and my default reaction was to freak out and > > close the window - it didn't explain well enough that my password > > wasn't going to be sent through to the third party. I immediately > > felt like I had no idea of where my username and password might be > > given... > > > Also, if you look through the twitter wiki's post comments, someone > > mentions server side scripting attack possibility. Isn't it a > > possibility? > > > Julian. > > > On 12/05/2009, at 3:05 AM, Zack Ham wrote: > > >> Good call, OAuth is definitely the right way to do this now. > > >> My simple solution is applicable if the original poster doesn't > >> care and has no interest in changing things (they said they already > >> are accepting usernames and passwords). > > >> - Zack > > >> On May 11, 2009, at 9:38 AM, Timothy Caraballo wrote: > > >>> Wouldn't it be better to use Twitter's OAuth API at this point? > >>>http://apiwiki.twitter.com/OAuth+Example+-+Ruby > > >>>> On May 11, 2009 12:32 PM, "Zack Ham" <[email protected]> wrote: > > >>>> Here's a simple example that does this using the HTTParty gem: > > >>>> In your controller to post the tweet: > > >>>> twitter = Twitter.new(username, password) > >>>> twitter.post(message) > > >>>> And here is the Twitter class: > > >>>> require 'httparty' > >>>> class Twitter > >>>> include HTTParty > >>>> base_uri 'twitter.com' > > >>>> def initialize(u=nil, p=nil) > >>>> @auth = {:username => u, :password => p} unless u.nil? || > >>>> p.nil? > >>>> end > > >>>> def post(text) > >>>> self.class.basic_auth @auth[:username], @auth[:password] > >>>> self.class.post('/statuses/update.json', :query => {:status => > >>>> text}) > >>>> end > >>>> end > >>>> On May 11, 2009, at 5:55 AM, cool wrote: > > Guys, > > I need a > >>>> help very badly in this issue... --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "merb" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/merb?hl=en -~----------~----~----~----~------~----~------~--~---
