[twitter-dev] Totally baffling issue with Opera and OAuth
I'm stumped. My app is up and running locally, and I have an /etc/ hosts entry pointing local.mydomain.com to 127.0.0.1. My configuration at Twitter has my callback at http://local.mydomain.com/auth/complete. My starting point is http://local.mydomain.com/auth/start. When I run through the process with Firefox, Internet Explorer, or Safari (all on Windows), everything works beautifully. When I try with Opera, I get to the Twitter allow/deny page, and when I click the Allow button I can see that the browser briefly does something, but then it doesn't go anywhere. I'm left staring at the allow/deny page. The deny button, though, works fine. This behavior is the same whether I'm already signed into Twitter or not. Looking at my app log, I can plainly see the browser never came back to my /auth/complete method, it stayed with Twitter. But when I run through authentication using Opera with any of the live demo apps listed at http://apiwiki.twitter.com/OAuth-Examples, they work fine. Why the heck would the allow button not work only with my app and only with Opera? I've tried clearing out all caches and cookies and nothing has made a difference. I'm grasping at straws here. Anybody got one?
[twitter-dev] Re: Question on Whitelisting
On Apr 25, 9:08 pm, Cameron Kaiser spec...@floodgap.com wrote: This has changed and I stand corrected; it is documented also on http://apiwiki.twitter.com/Rate-limiting Thanks for the documentation pointer, I hadn't realized that was there. It's surprising, it turns out that if you're going to be making lots of auth'd requests on behalf of users, there's a tipping point at which whitelisting begins to work against you, and it's at only 200 simultaneous users. If you're gonna be above that, you're better off not being whitelisted.
[twitter-dev] Re: Question on Whitelisting
If your app gets to the point where you are hitting 20k limit you should a) re-engineer your caching and b) talk to Twitter. On Sat, Apr 25, 2009 at 22:54, Bill Kocik bko...@gmail.com wrote: On Apr 25, 9:08 pm, Cameron Kaiser spec...@floodgap.com wrote: This has changed and I stand corrected; it is documented also on http://apiwiki.twitter.com/Rate-limiting Thanks for the documentation pointer, I hadn't realized that was there. It's surprising, it turns out that if you're going to be making lots of auth'd requests on behalf of users, there's a tipping point at which whitelisting begins to work against you, and it's at only 200 simultaneous users. If you're gonna be above that, you're better off not being whitelisted. -- Abraham Williams | http://the.hackerconundrum.com Hacker | http://abrah.am | http://twitter.com/abraham Web608 | Community Evangelist | http://web608.org This email is: [ ] blogable [x] ask first [ ] private.
[twitter-dev] Re: Totally baffling issue with Opera and OAuth
I can confirm the same behavior affecting ONLY opera. I scp'ed the files to a server with public dns entry...it worked fine there. I see an entry in my access log on the page with the authorization link. After clicking approve, I don't see anything in my access or error logs. On Apr 25, 9:35 pm, Bill Kocik bko...@gmail.com wrote: I'm stumped. My app is up and running locally, and I have an /etc/ hosts entry pointing local.mydomain.com to 127.0.0.1. My configuration at Twitter has my callback athttp://local.mydomain.com/auth/complete. My starting point ishttp://local.mydomain.com/auth/start. When I run through the process with Firefox, Internet Explorer, or Safari (all on Windows), everything works beautifully. When I try with Opera, I get to the Twitter allow/deny page, and when I click the Allow button I can see that the browser briefly does something, but then it doesn't go anywhere. I'm left staring at the allow/deny page. The deny button, though, works fine. This behavior is the same whether I'm already signed into Twitter or not. Looking at my app log, I can plainly see the browser never came back to my /auth/complete method, it stayed with Twitter. But when I run through authentication using Opera with any of the live demo apps listed athttp://apiwiki.twitter.com/OAuth-Examples, they work fine. Why the heck would the allow button not work only with my app and only with Opera? I've tried clearing out all caches and cookies and nothing has made a difference. I'm grasping at straws here. Anybody got one?
[twitter-dev] Yet another from my app related question
Hello Twitter developers, I hope I'm not duplicating my message... I sent it twice by Email but I got posting errors replied back by Google. I apologise in advance for this question. I read the notice on the welcome page and I hesitated before sending my Email but well. I really didn't find my answer anywhere. I am using CURL to post a status update. It means that I don't use OAuth and my authentication is Basic. However, I'd like to be able to post my update with the name of my application. Is this possible? Or do I inevitably need an instance of either PHP, Perl, Python or something similar... The current version of my app is only ment to be some kind of proof of concept. About my app: It is a small server side phone aplication that allows you to post voice clips as status update, using a regular phone, as long as the phone number used to dial in is linked to a Twitter account. My updates are public and you can see how it looks like on http://twitter.com/ekavun. Thanks for your help. Cheers, Emrah
[twitter-dev] Signup URL?
Which URL should I use to link to Twitter's signup page on a iPhone? I tried http://twitter.com/signup but this results in a error Extra content at the end of the document in Safari. When using http://twitter.com or http://m.twitter.com, the user lands on a sign in page for mobile devices. On this sign in isn't any Sign up or Join link. So this doesn't seem a got URL to land on for signing up either. Any advice? Cheers, Eberhard
[twitter-dev] Re: Totally baffling issue with Opera and OAuth
Does Opera use its own DNS servers and/or skip local hostfile lookups? I know Chrome does some DNS trickery like this, but I'm not sure about Opera. It sounds like it should work, though, since you can get your local site to load by going to local.mydomain.com right? -Chad On Sun, Apr 26, 2009 at 4:33 AM, jmathai jmat...@gmail.com wrote: I can confirm the same behavior affecting ONLY opera. I scp'ed the files to a server with public dns entry...it worked fine there. I see an entry in my access log on the page with the authorization link. After clicking approve, I don't see anything in my access or error logs. On Apr 25, 9:35 pm, Bill Kocik bko...@gmail.com wrote: I'm stumped. My app is up and running locally, and I have an /etc/ hosts entry pointing local.mydomain.com to 127.0.0.1. My configuration at Twitter has my callback athttp://local.mydomain.com/auth/complete. My starting point ishttp://local.mydomain.com/auth/start. When I run through the process with Firefox, Internet Explorer, or Safari (all on Windows), everything works beautifully. When I try with Opera, I get to the Twitter allow/deny page, and when I click the Allow button I can see that the browser briefly does something, but then it doesn't go anywhere. I'm left staring at the allow/deny page. The deny button, though, works fine. This behavior is the same whether I'm already signed into Twitter or not. Looking at my app log, I can plainly see the browser never came back to my /auth/complete method, it stayed with Twitter. But when I run through authentication using Opera with any of the live demo apps listed athttp://apiwiki.twitter.com/OAuth-Examples, they work fine. Why the heck would the allow button not work only with my app and only with Opera? I've tried clearing out all caches and cookies and nothing has made a difference. I'm grasping at straws here. Anybody got one?
[twitter-dev] Re: Question on Whitelisting
FYI, I suspect there's some bugs in the whitelisting code because Twitter Karma is whitelisted and periodically I get back 400 rate limit failures in response to requests from my whitelisted IP. If I'd exhausted my IP's whitelisted request quota, ALL subsequent requests should fail, right? This phrase from the wiki page leads me to believe this: IP whitelisting takes precedence to account rate limits. Requests from a whitelisted IP address made on a user's behalf will be deducted from the whitelisted IP's limit, not the users. However, these rate limit failures are happening sporadically. I'm guessing there's some web hosts in the farm that are broken in some way, missing the correct whitelisting data, etc. On 4/25/09 11:54 PM, Bill Kocik wrote: On Apr 25, 9:08 pm, Cameron Kaiserspec...@floodgap.com wrote: This has changed and I stand corrected; it is documented also on http://apiwiki.twitter.com/Rate-limiting Thanks for the documentation pointer, I hadn't realized that was there. It's surprising, it turns out that if you're going to be making lots of auth'd requests on behalf of users, there's a tipping point at which whitelisting begins to work against you, and it's at only 200 simultaneous users. If you're gonna be above that, you're better off not being whitelisted. -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] Re: Totally baffling issue with Opera and OAuth
On Apr 26, 8:34 am, Chad Etzel jazzyc...@gmail.com wrote: Does Opera use its own DNS servers and/or skip local hostfile lookups? I know Chrome does some DNS trickery like this, but I'm not sure about Opera. Opera has no trouble finding the starting point (local.mydomain.com/ auth/start) and redirecting to Twitter. It just won't come back. Taking a cue from jmathai, I set my app's callback to http://www.aol.com and went through the auth process. This time the Allow button sent me to AOL. My guess: Opera doesn't like being redirected to 127.0.0.1. I'll ask in the Opera forums and report back here for interested parties. I theorized about that at one point, but since when I clicked Allow I never saw my app amongst the apps I'd authorized in my account settings I assumed that wasn't it. I would think the POST to Twitter that button performs would have set that app as authorized even if the subsequent redirect didn't work.
[twitter-dev] Re: Yet another from my app related question
Hi, Does anybody here know some command line utilities to use the Twitter API with OAuth? My aim is to: - Authorize my app - Store the token - Use the token to make status updates Thanks, Emrah -- Emrah KAVUN # rfc822: e...@ekanet.net | rfc3261: 41225886...@devel.kavun.ch # OpenPGP Key Fingerprint = ECB7 ED46 441D FAA6 66AE 4BD4 C45D 5F23 0634 1911 signature.asc Description: Digital signature
[twitter-dev] Re: Totally baffling issue with Opera and OAuth
The official word from Opera is that it's an Opera thing: A host having an IP address that is either in the intranet range, or in the public network range (that is, not localhost) cannot access or automatically initiate resources on localhost, this includes redirects. The action have to be manual. (additionally, if the localhost server refuse access, requests to a hostname that is not localhost will just result in a blank resource, as that method is used for adbusting) Similarly, a host on a public network cannot automatically access resources on servers in the intranet range. Both these are implemented for security reasons, as this type access and redirects can be used to attack servers that are not otherwise available to the public network, and which as a result may have reduced defences against attacks (after all, they are behind the firewall). http://my.opera.com/community/forums/findpost.pl?id=2968737 Sorry for polluting the Twitter API thread with what turns out to be a browser feature, but at least now we all know. This really threw me last night.
[twitter-dev] some user cant send reply's ?
hi I have 2 users from one i am doing some api test but the reply's from him don't get to the other user i did sent reply's from my app and from web but i my main user time line i am not seeing them what are the problems? -- victor http://apostolvictor.info
[twitter-dev] Twitter shortcuts return nothing useful in API
I did this: curl -u kellyterryjones:xx http://twitter.com/statuses/update.xml -d 'statu\ s=D+canageek+Ignore+this+test+golf' w/ my real password. It DM'd my friend (follower) canageek, but it returned my last public tweet, not Ignore this test golf. I then replaced canageek w/ britneyspears and got the same result, instead of an error saying britneyspears isn't following me. Even worse, when I do: curl -u kellyterryjones:xx http://twitter.com/statuses/update.xml -d 'statu\ s=STATS' I don't get any STATS on myself. In fact, all of the shortcuts at the bottom of: http://help.twitter.com/portal seem to return my last public tweet. Am I doing this wrong? I realize things like FOLLOW foo actually do follow foo, but shouldn't it return something more useful than my last public tweet? -- We're just a Bunch Of Regular Guys, a collective group that's trying to understand and assimilate technology. We feel that resistance to new ideas and technology is unwise and ultimately futile.
[twitter-dev] Encrypting tweets using public keys and MIME64
Encrypting tweets using public keys and MIME64 seems easy enough, eg: http://www.c0t0d0s0.org/archives/5330-Encrypted-direct-messages-in-Twitter.html Has any client implemented something like this? -- We're just a Bunch Of Regular Guys, a collective group that's trying to understand and assimilate technology. We feel that resistance to new ideas and technology is unwise and ultimately futile.
[twitter-dev] Re: Encrypting tweets using public keys and MIME64
On 4/26/09 4:59 PM, Kelly Jones wrote: Encrypting tweets using public keys and MIME64 seems easy enough, eg: http://www.c0t0d0s0.org/archives/5330-Encrypted-direct-messages-in-Twitter.html Has any client implemented something like this? This is brilliant, as long as it's transported using a RFC1149-based layer. *plonk* -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] Data quality support issues?
Hi, Where should Twitter data quality support issues be sent? I'm finding that there are some users who are Mysteriously Unnamed such as this fellow: http://twitter.com/users/show/34555633.xml user id34555633/id nameMysteriously Unnamed/name screen_name/ location/ description/ profile_image_url http://static.twitter.com/images/default_profile_normal.png /profile_image_url url/ protectedfalse/protected followers_count12/followers_count profile_background_color9ae4e8/profile_background_color profile_text_color00/profile_text_color profile_link_colorff/profile_link_color profile_sidebar_fill_colore0ff92/profile_sidebar_fill_color profile_sidebar_border_color87bc44/profile_sidebar_border_color friends_count769/friends_count created_atThu Apr 23 06:49:03 + 2009/created_at favourites_count0/favourites_count utc_offset/ time_zone/ profile_background_image_url http://static.twitter.com/images/themes/theme1/bg.gif /profile_background_image_url profile_background_tilefalse/profile_background_tile statuses_count0/statuses_count notificationsfalse/notifications followingfalse/following /user -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] Re: Data quality support issues?
Perhaps it's a person who has only been using twitter with their phone? ...so screen name, etc, hasn't been setup yet...? -chad On Sun, Apr 26, 2009 at 6:33 PM, Dossy Shiobara do...@panoptic.com wrote: Hi, Where should Twitter data quality support issues be sent? I'm finding that there are some users who are Mysteriously Unnamed such as this fellow: http://twitter.com/users/show/34555633.xml user id34555633/id nameMysteriously Unnamed/name screen_name/ location/ description/ profile_image_url http://static.twitter.com/images/default_profile_normal.png /profile_image_url url/ protectedfalse/protected followers_count12/followers_count profile_background_color9ae4e8/profile_background_color profile_text_color00/profile_text_color profile_link_colorff/profile_link_color profile_sidebar_fill_colore0ff92/profile_sidebar_fill_color profile_sidebar_border_color87bc44/profile_sidebar_border_color friends_count769/friends_count created_atThu Apr 23 06:49:03 + 2009/created_at favourites_count0/favourites_count utc_offset/ time_zone/ profile_background_image_url http://static.twitter.com/images/themes/theme1/bg.gif /profile_background_image_url profile_background_tilefalse/profile_background_tile statuses_count0/statuses_count notificationsfalse/notifications followingfalse/following /user -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] Re: Data quality support issues?
On 4/26/09 6:45 PM, Chad Etzel wrote: Perhaps it's a person who has only been using twitter with their phone? ...so screen name, etc, hasn't been setup yet...? Interesting - what do user records look like that have been created via SMS? Also: that's a clever way for these spambots to programmatically create Twitter accounts. Suckage. -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] Re: Yet another from my app related question
Hi, I can see aplications made in 2007 with the from my app appended. Any hint on how I can specify the source without OAuth? I am using OAuth with great satisfaction but I still annoys me to rely on a Web token/platform. Thanks, -- Emrah KAVUN e...@ekanet.net signature.asc Description: Digital signature
[twitter-dev] Re: Yet another from my app related question
No, you cannot. Source parameter registration has been depricated for non-OAuth apps. http://groups.google.com/group/twitter-development-talk/browse_thread/thread/ce57405a08483877/715c330a15e4968d -Chad On Sun, Apr 26, 2009 at 5:54 PM, Emrah e...@ekanet.net wrote: Hi, I can see aplications made in 2007 with the from my app appended. Any hint on how I can specify the source without OAuth? I am using OAuth with great satisfaction but I still annoys me to rely on a Web token/platform. Thanks, -- Emrah KAVUN e...@ekanet.net -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iQIcBAEBAgAGBQJJ9NgjAAoJEMRdXyMGNBkRBPUP/2PvL+dOCUyHgfKZapEg6LkW Nv7zBcJ9kQjNs1fttvWSemzlzEwuKd9Gk0un8HBdeuMy/maoMJvp5kcFyHpxplOq FIolQaNhIgGRNwAQmQyuZwKzKKc0/Yh6lcMtjs88Dx6dYjKsr/DTDXXpsNNpsIMf R7IuSnrEJ+J1g/YkinGQKWNI7A20YoTBY4VeYP8YnAzoUaQ4/6E7SvFaWcYzs/yq SVeSFzL+6ablmVXVieau4ed4KelWRxPNLpqyIvDxeEKijwM6AX2VZLTrw6aTs4Bn BDH0an4Vfjct0dXMOz9SyfTd+RiSh2kXSeZX8cuDsr+dgwM8ks3fgL1oZql7Y+8X TDutf9zABuIRIwuOpcgv7u55eCYYzZj09liaA0S0VrPigpP+QeVHm7R/AHu10T3V O4nRGUu5S86DOof1tQP4nGTasWJi7Ig9/jfjm5p81QaX/EV3OwhXWPDV39iR4Bd7 HylyjzLuXFd3XmKz+m47Z5zPrx5DYgpcg2D/9djB1GGas5AduzRJkgAtNjJD4mTJ dt54lIWP+p/gpKgqeMKsDCEfVTyPKMUVAS5YNPts6VtgC7hpLwZWZTXx1BzWSjUb 94UAQexMfyTziU5yNy0y95E0ypoYiQvqrEHuUop1CMNPkxiYGQwYrm8dEonB5P6k WUISca5sLILHFQBhZFkC =iabd -END PGP SIGNATURE-
[twitter-dev] Confirming whitelisting status
Hi, How can an application confirm its whitelisting status? I thought my IP was whitelisted, but when I make authenticated requests from my IP, I often see HTTP 400 rate limit error responses to the REST API. The same user can auth. from their Twitter client app. from a different IP and does not receive a rate limit response. Specifically, it appears like the social graph methods don't respect my IP whitelisting status. Is that possible? -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] do all twitter(and search) api support https protocol as well?
do all twitter(and search) api support https protocol as well?
[twitter-dev] Re: do all twitter(and search) api support https protocol as well?
do all twitter(and search) api support https protocol as well? Yes. And it is strongly recommended you use it, especially with Basic Auth. -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- Out of my mind (back in an hour). --
[twitter-dev] Re: do all twitter(and search) api support https protocol as well?
Search does not and need not :) On Apr 27, 6:40 am, Eric.Archangel eric.archan...@gmail.com wrote: do all twitter(and search) api support https protocol as well?
[twitter-dev] Re: Callback url during development
How are you able to set this up for a non-standard port? HOSTS file is just for the domain/authority, and you can't specify a port in the callback URL on the settings page? On Apr 23, 7:31 pm, Jochen Kaechelin giss...@gissmog.de wrote: Am 24.04.2009 um 00:29 schrieb Paul Kinlan: Hi, During development I tend to modify my hosts file to point the callback URL domain to my box for instance. This is quite good because all it affects is my box. I just had the same idea ... ;-) Works as expected now!!! Thanx Paul On 23 Apr 2009, at 23:16, Abraham Williams 4bra...@gmail.com wrote: The oauth_callback parameter was just disabled do to security issues. Currently only the registered callback works. If you need a different callback location for development set up a second application. On Thu, Apr 23, 2009 at 17:12, Jochen Kaechelin giss...@gissmog.de wrote: Am 22.04.2009 um 15:37 schrieb Abraham Williams: Also when you are building the authorize url to send users to twitter.com you can add oauth_callback=http://localhost/callback; and that will override your applications registered callback. OAuth::Consumer.new(xx, xx, { :site=http://twitter.com/oauth/authorize?oauth_callback=http://localhost:30... }) I can see the site where I have to Deny or Allow access. When I click Allow I will be redirected to the Domain which I entered in the OAUTHClients Registration Form (http://www.twitter.com/ oauth_cleints) Seems that the oauth_callback parameter does not work! Is it in the wrong place? Any hints!? Thanx -- Abraham Williams |http://the.hackerconundrum.com Hacker |http://abrah.am|http://twitter.com/abraham Web608 | Community Evangelist |http://web608.org This email is: [ ] blogable [x] ask first [ ] private. Sent from Madison, Wisconsin, United States