[twitter-dev] Re: My Issue with the ReTweet API and my solutions
Will wrote: > My mindset was that why hold back a feature that solves one problem > just because it doesn't solve two. What I didn't take into > consideration is that it creates another problem - disparate methods > of retweeting because people will revert back to the old method of > retweeting when they DO want to comment on the original tweet. That > makes any method of aggregating retweets posted via the API method > incomplete. That is a BIG minus. Almost big enough for me to switch > sides on this issue. You're right on the mark with your comments. Nearly everyone in my Twitter social circle uses RT with added commentary. In most cases they truncate or abbreviate the original message to make room for their addition. A Retweet function without a text attribute is really surprising.
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
No doubt. This is super frustrating. On Jul 27, 8:19 pm, kosso wrote: > agreed. > > please Twitter, tell us WHAT the fix required was. > what should we look for. > > have you tested your 'fix' against all the code examples you link from > the API pages? > > that would be nice. thx. > > I'm getting some posts through. some not. so something's still up/down > > On Jul 27, 8:04 pm, Duane Roelands wrote: > > > You introduced a breaking change into the API with no warning and no > > help for developers as to the specifics of what we need to fix? > > Developers need better support than that. > > > Is there some reason why posting updates to some accounts would work > > and posting to others would not? Using the same code, I'm able to > > post to my development test account but not to my personal account. > > > On Jul 27, 10:59 pm, Doug Williams wrote: > > > > As stated above, some applications were sending invalid signatures which > > > we > > > were accepting as valid. This vulnerability was pointed out by a > > > developer. > > > > Some libraries and code which may have previously worked may be broken by > > > this security fix. > > > > Thanks, > > > Doug > > > > On Mon, Jul 27, 2009 at 7:44 PM, Duane Roelands > > > wrote: > > > > > I am receiving 401 (Unauthorized) when calling > > > >http://twitter.com/statuses/update.xml > > > > and passing the following querystring: > > > > > oauth_consumer_key=[removed] > > > > &oauth_nonce=912352&oauth_signature_method=HMAC- > > > > SHA1&oauth_timestamp=1248748647&oauth_token=19068738- > > > > hKO8qRlHPfJWqRHRkd62dGb4IiyXaXUy35Cqz58&oauth_version=1.0&status=This > > > > +is+a+test&oauth_signature=Fl0kqJdHY5MkvxjUZQ%2bFn%2fxGORo%3d > > > > > This code was working this afternoon and has not been changed. > > > > > On Jul 27, 10:38 pm, goodtest wrote: > > > > > Are we sure there is no further regression bug in this new fix? > > > > > > On Jul 27, 7:14 pm, Doug Williams wrote: > > > > > > > If you are still seeing errors you should check your code to ensure > > > > that you > > > > > > are sending the correct signature. > > > > > > Thanks, > > > > > > Doug > > > > > > > On Mon, Jul 27, 2009 at 7:10 PM, winrich > > > > > > wrote: > > > > > > > > mine broke too. i wonder though, i'm using the oauth python > > > > > > > libraries > > > > > > > > On Jul 27, 6:35 pm, chinaski007 wrote: > > > > > > > > Doug: > > > > > > > > > Does this mean that Marcel made a fix for this? Or rather that > > > > > > > > we > > > > > > > > should examine our code to find the culprit? > > > > > > > > > Thanks, > > > > > > > > Peter Bray > > > > > > > > > On Jul 27, 6:24 pm, Doug Williams wrote: > > > > > > > > > > Updating you guys on this problem. A bug was reported off list > > > > that > > > > > > > informed > > > > > > > > > us we were not always verifying signatures. Today we shipped a > > > > fix for > > > > > > > this > > > > > > > > > problem which ensures that we are correctly verifying > > > > > > > > > signatures. > > > > > > > > > If you are still seeing invalid signature errors you should > > > > examine > > > > > > > > > your code and ensure you are correctly signing requests > > > > > > > > > as per the spec. > > > > > > > > > Thanks, > > > > > > > > > Doug > > > > > > > > > > On Mon, Jul 27, 2009 at 6:05 PM, Doug Williams > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > Marcel is shipping a fix for this as I type. > > > > > > > > > > > Thanks, > > > > > > > > > > Doug > > > > > > > > > > > 2009/7/27 João Pereira > > > > > > > > > > > Same here. > > > > > > > > > > >> On Tue, Jul 28, 2009 at 1:26 AM, goodtest < > > > > goodtest...@gmail.com> > > > > > > > wrote: > > > > > > > > > > >>> twitter api server seems to be down (getting invalid > > > > signature) > > > > > > > since > > > > > > > > > >>> 5.15 pm pst
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
How about letting us know what the changes were...? Apparently I am one of the developers not correctly submitting signatures. I developed my code based on samples in your wiki, and have no clue what is broken with my authentication code (which has been working perfectly for some time.) On Jul 27, 7:59 pm, Doug Williams wrote: > As stated above, some applications were sending invalid signatures which we > were accepting as valid. This vulnerability was pointed out by a developer. > > Some libraries and code which may have previously worked may be broken by > this security fix. > > Thanks, > Doug > > On Mon, Jul 27, 2009 at 7:44 PM, Duane Roelands > wrote: > > > > > I am receiving 401 (Unauthorized) when calling > >http://twitter.com/statuses/update.xml > > and passing the following querystring: > > > oauth_consumer_key=[removed] > > &oauth_nonce=912352&oauth_signature_method=HMAC- > > SHA1&oauth_timestamp=1248748647&oauth_token=19068738- > > hKO8qRlHPfJWqRHRkd62dGb4IiyXaXUy35Cqz58&oauth_version=1.0&status=This > > +is+a+test&oauth_signature=Fl0kqJdHY5MkvxjUZQ%2bFn%2fxGORo%3d > > > This code was working this afternoon and has not been changed. > > > On Jul 27, 10:38 pm, goodtest wrote: > > > Are we sure there is no further regression bug in this new fix? > > > > On Jul 27, 7:14 pm, Doug Williams wrote: > > > > > If you are still seeing errors you should check your code to ensure > > that you > > > > are sending the correct signature. > > > > Thanks, > > > > Doug > > > > > On Mon, Jul 27, 2009 at 7:10 PM, winrich wrote: > > > > > > mine broke too. i wonder though, i'm using the oauth python libraries > > > > > > On Jul 27, 6:35 pm, chinaski007 wrote: > > > > > > Doug: > > > > > > > Does this mean that Marcel made a fix for this? Or rather that we > > > > > > should examine our code to find the culprit? > > > > > > > Thanks, > > > > > > Peter Bray > > > > > > > On Jul 27, 6:24 pm, Doug Williams wrote: > > > > > > > > Updating you guys on this problem. A bug was reported off list > > that > > > > > informed > > > > > > > us we were not always verifying signatures. Today we shipped a > > fix for > > > > > this > > > > > > > problem which ensures that we are correctly verifying signatures. > > > > > > > If you are still seeing invalid signature errors you should > > examine > > > > > > > your code and ensure you are correctly signing requests > > > > > > > as per the spec. > > > > > > > Thanks, > > > > > > > Doug > > > > > > > > On Mon, Jul 27, 2009 at 6:05 PM, Doug Williams > > > > > wrote: > > > > > > > > Marcel is shipping a fix for this as I type. > > > > > > > > > Thanks, > > > > > > > > Doug > > > > > > > > > 2009/7/27 João Pereira > > > > > > > > > Same here. > > > > > > > > >> On Tue, Jul 28, 2009 at 1:26 AM, goodtest < > > goodtest...@gmail.com> > > > > > wrote: > > > > > > > > >>> twitter api server seems to be down (getting invalid > > signature) > > > > > since > > > > > > > >>> 5.15 pm pst
