[twitter-dev] Re: Platform Status Update, Tuesday 2:00pm PST

2009-08-18 Thread djc8080

Oops. spoke too soon. Still eradic problems - same symptoms. Incorrect
rate_limit response on statuses/followers when ..ids calls work
perfectly on the same account.


[twitter-dev] Re: Platform Status Update, Tuesday 2:00pm PST

2009-08-18 Thread djc8080

We reported/documented inconsistent, incorrect responses on statuses/
followers, statuses/friends. After a few reboots, to correct
connections that have been left open, all the accounts are working.
We'll be monitoring for any additional problems. Thanks for the fast
response - after our report today.

Hopefully, the problems have been resolved for other developers as
well.


[twitter-dev] Re: Issues with the API this morning?

2009-08-18 Thread bosher

Any update on the random 408 errors. I'm still having frequent
issues.

On Aug 17, 2:13 pm, Alex Payne  wrote:
> Just sent out an update on the sort of information we need to help you
> guys out. We're working on it. Expect things to open up for a bit as
> we tune some settings for the next hour.
>
>
>
>
>
> On Mon, Aug 17, 2009 at 12:07, Sean P. wrote:
>
> > I was starting to worry that something was wrong with Twobile (basic
> > auth). Any news from the mothership on what's happening?
>
> > On Aug 17, 10:42 am, Aaron Forgue  wrote:
> >> My app, too, appears to be blocked. I can't even get status codes -
> >> the requests just timeout with no response.
>
> >> On Aug 17, 12:24 pm, Dewald Pretorius  wrote:
>
> >> > So, the general message is: Mayhem rules.
>
> >> > I have no issues with Basic Auth (on low volume API calls). Login no
> >> > problem.
>
> >> > Dewald
>
> >> > On Aug 17, 1:04 pm, Sean Callahan  wrote:
>
> >> > > The issue we're seeing at TweetPhoto is that no one can login to their
> >> > > account when using basic auth. Was informed by Twitter support that
> >> > > they are aware of the issue and are looking for a fix.
>
> --
> Alex Payne - Platform Lead, Twitter, Inc.http://twitter.com/al3x


[twitter-dev] Re: Platform downtime is expected

2009-08-18 Thread benn

The oauth login timeout seems to be fixed for me. Thanks
twittereenies!

Ben

On Aug 18, 11:10 am, Sean Callahan  wrote:
> Hi Ryan,
>
> When I sent the email 30 minutes ago I was not able to login. Now,
> like you, I was able to login. Now it is a sporadic issue. I will get
> you the info you need to those 5 questions. Because our current
> environment at the Rackspace Cloud is shared I need to call them.
> Basically, it is simply a basic auth issue. We're not calling
> anything, but that. User's cannot login. The IPs of the Rackspace
> Cloud that I am on are (Primary) 74.205.61.228 and (Secondary)
> 74.205.61.229 Not sure if this helps. Please advise.
>
> Sean
>
> On Aug 17, 3:37 pm, Ryan Sarver  wrote:
>
> > Sean,
>
> > I was just able to log into TweetPhoto using my basic auth credentials
> > with no problem. Please test again and provide any of the additional
> > details that you can:
>
> > *Copying from Alex email to make sure its consistent
> > 1. The IP of the machine making requests to the Twitter API. If you're
> > behind NAT, please be sure to send us your *external* IP.
>
> > 2. The IP address of the machine you're contacting in the Twitter
> > cluster. You can find this on UNIX machines via the "host" or
> > "nslookup" commands, and on Windows machines via the nslookup" command.
>
> > 3. The Twitter API URL (method) you're requesting and any other
> > details about the request (GET vs. POST, parameters, headers, etc.).
>
> > 4. Your host operating system, browser (including version), relevant
> > cookies, and any other pertinent information about your environment.
>
> > 5. What kind of network connection you have and from which provider,
> > and what kind of network connectivity devices you're using.
> > 
>
> > Best, Ryan
>
> > On Mon, Aug 17, 2009 at 3:33 PM, Sean Callahan 
> > wrote:
> > > Hi Ryan,
>
> > > I just replied to your email and also will post here in case you read
> > > this first. Maybe others will have an idea too as why basic auth is
> > > not working. Long story short - we were down for 3 days, up for the
> > > last 3 hours, and now down once again - no one can login using basic
> > > auth on our sitehttp://tweetphoto.com.
>
> > > It so happens when I responded to your email about 3 hours ago
> > > everything was working fine - meaning I was able to login to
> > > TweetPhoto as were other users. Since replying to your second email
> > > basic authentication onhttp://tweetphoto.comisnot working an no one
> > > can login to their account on our domain.
>
> > > I'm not sure why basic auth is not working when you said only OAuth
> > > should have been affected. With that said, I have an idea as I've
> > > spoken to a few Rackspace customers. Is it possible that a range of
> > > IPs  at Rackspace are being blocked/throttled preventing users from
> > > logging in through basic auth?
>
> > > I'm not sure why basic authentication came back online this morning
> > > and now it does not work. You asked me to respond to an email Alex
> > > sent, but I have not seen that. Please let me know what information
> > > you need to better troubleshoot this issue so we can resume service.
>
> > > As I mentioned in my email to you, I am willing to pay a monthly
> > > service fee as I'm sure other Twitter Developers are, to keep service
> > > running to TweetPhoto.com up 100% of the time.
>
> > > Please advise.
>
> > > Best Regards,
>
> > > Sean Callahan
>
> > > On Aug 16, 11:40 am, bosher  wrote:
> > >> Thanks for the update Chad..
>
> > >> On Aug 16, 10:52 am, Chad Etzel  wrote:
>
> > >> > Hi all,
>
> > >> > The API team is actively debugging the OAuth issues as we speak.
> > >> > Please be patient as we nail down the problems.
>
> > >> > Thanks,
> > >> > -Chad
>
> > >> > On Sun, Aug 16, 2009 at 1:43 PM, Andrew Badera wrote:
>
> > >> > > On Sun, Aug 16, 2009 at 1:40 PM, bosher wrote:
>
> > >> > >> How is it that all the oAuth apps out there are down, but others 
> > >> > >> like
> > >> > >> TweetMeMe are not? TweetMeMe works just fine, how is that possible?
>
> > >> > > HTTP Basic Auth still works I believe, as do any pre-problem OAuth
> > >> > > tokens issued.
>
> > >> > > ∞ Andy Badera
> > >> > > ∞ This email is: [ ] bloggable [x] ask first [ ] private
> > >> > > ∞ Google 
> > >> > > me:http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera)-Hidequoted
> > >> > >  text -
>
> > >> - Show quoted text -- Hide quoted text -
>
> > - Show quoted text -


[twitter-dev] Add "rel=shortlink" support for auto-detecting short links

2009-08-18 Thread Sam Johnston

Morning all,

I have just added this idea to Get Satisfaction (http://bit.ly/sN7Gh)
that I think will be of interest to many of you:

"Please add support for the rel=shortlink (http://purl.org/net/
shortlink) standard so that Twtiter can detect short links from the
site (HTTP headers and/or HTML code) rather than having to manufacture
them itself using tinyurl.com, bit.ly, etc. This results in better
quality (less opaque), more reliable links in a way that doesn't hurt
the Internet."

WordPress.com have just announced (http://bit.ly/7WlPp) that they have
added rel=shortlink links to the HTTP headers and HTML HEAD of their 7
million hosted blogs (totaling well over 100 million pages) and this
is in addition to a number of other high profile sites such as PHP.net
and Ars Technica.

It also just got a lot more interesting for clients to support the
standard as doing so allows them to get better/faster/cheaper short
links that will be at least as reliable as the site itself. A recent
Pingdom report revealed shortener overheads running into many hundreds
of milliseconds and yet in-house shorteners (especially those on the
same domain) can have a negligible performance impact.

@samj


[twitter-dev] Re: Anyone Else Being Blocked Again? - Tuesday Aug 18

2009-08-18 Thread mak1e

hmmm no wonder the respond seems a little slow and sometimes tweets
don't go thru...
At first I was suspecting that it could be our firewall :D

I'll try to catch the issue if any on screenshots and will post it
here.

thanks for the updates, ;) Mark


On Aug 19, 3:06 am, Ryan Sarver  wrote:
> Dewald,
>
> When you see that kind of stuff crop up, can you please capture as
> much information as you can including packet dumps, headers, etc so
> that we can narrow down what might be the issue? There are lots of
> moving parts and we need to know where to focus our efforts.
>
> Thanks for keeping us updated. Best, Ryan
>
> On Tue, Aug 18, 2009 at 6:37 AM, Dewald Pretorius wrote:
>
> > At around 9:30 AM EST this morning I (tweetlater) got blocked yet
> > again with connection refused. It appears to be on all calls.
>
> > Anyone else?
>
> > Dewald


[twitter-dev] OAuth in VB.NET

2009-08-18 Thread Sc00by22

Hello everybody, today I made a program to hopefully use Twitter using
OAuth however I came across a problem. I downloaded the OAuth twitter
library from here:
http://code.google.com/p/twarp/downloads/list

I got the client to authorise the program and everything works ok. I
thought I would try updating my status next like this:

 Dim Tweet As String = HttpUtility.UrlEncode("Test tweet")
Dim XML As String = OAuth.WebRequest(Global.OAuth.RequestMethod.POST,
"http://twitter.com/statuses/update.xml";, "status=" + Tweet)

However I get an error on the last line.

Value cannot be null. Parameter name: key

Is there anyway I can fix this or is there a different VB.NET DLL I
can use?

Thanks


Re: Absurd Misunderstanding of Open Anything (Was: [twitter-dev] Re: Open Auth)

2009-08-18 Thread Joseph Cheek

nor can oauth assure the provider that a desktop app is legitimate when
the app authenticates itself to the provider.

John Kristian wrote:
> An OAuth Consumer that's deployed to users' desktops or mobile devices
> can't keep a secret. One should assume its consumer key and consumer
> secret will be known to attackers. Consequently, OAuth doesn't really
> assure the user that he's authorizing a legitimate copy of the
> Consumer software.



[twitter-dev] Re: Early developer preview: Retweeting API

2009-08-18 Thread jim.renkel

Marcel: thank you for the quick response to my questions.

Not surprisingly, your answers have raised a couple of more
questions. :-)

1. What happens if I give a retweet id number to the status/show
method? An error? The retweeted status message is returned along with
information about all of its retweets? I'm really hoping for the
second option here, and, if that is not the case currently,  I would
encourage twitter to make that enhancement. It seems to me to be
natural to want information on one specific retweet, just as one can
get specific information on one specific status update.

For the next 2 questions, assume A is following B and C, that B has
retweeted a status update say two days ago, and C has retweeted the
same status update yesterday.

2. In the response to a statuses/home_timeline request for user A,
will the retweeted status update and all its retweeting information be
duplicated at the two appropriate places in the timeline, once for B
and once for C? Or will one or the other be elided?

3. If the answer to 2, above, is "the retweeted status update is
duplicated", does the retweeting information reflect the state of the
twitterverse as it exists at the time the request is made or the state
at the time the retweet was created? Specifically, will the retweeting
information for B's retweet show that C has also retweeted it, even
though C hadn't yet retweeted it when B did?

4. Assume count=20 is specified on the statuses/home_timeline request.
Does the retweeted status update and all of its retweets count as just
1 of the 20 status updates in the response (i.e., the response could
have more than 20 elements, potentially way more, but all of the
retweets of a status update would appear in one "page" of the
response)? Or does each retweet count as 1 of the 20 (i.e., the
response will have only 20 elements, but the retweets of a single
status update could be spread across many, potentially very many,
pages)? I think it would have to be the former, as "Clients may [only]
request up to 3,200 statuses via the page and count parameters for
timeline REST API methods." (Quoted from the API documentation under
"6) There are pagination limits".), and if it were the latter ya
couldn't even return all the retweet information for a status update
that was retweeted more than 3200 times (Which DOES happen.).

5. "statuses/home_timeline" is like "statuses/friends_timeline" but
with retweets. There is no method that is like "statuses/
user_timeline" but with retweets. It can be synthesized by merging the
results of statuses/user_timeline and statuses/retweeted_by_me method
requests, but only for the authenticating user: the statuses/
retweeted_by_me method does not take id and user_id parameters as the
statuses/user_timeline method does. I think there's something missing
here: if I can see any users status updates, why can't I see their
retweets?

6. There are no methods like "statuses/mentions" and "favorites" but
including retweets (Or do those methods' results now include
retweets?). I see no way at all of synthesizing these. I think these
need to be provided for completeness.

7. Similarly, I'm guessing that "statuses/friends" and "statuses/
followers" responses don't include retweets (But if a user's last
update was a retweet, what do they report? The last update that wasn't
a retweet?). Again, I don't see a way of synthesizing these, and I
think methods that do include retweets need to be provided for
completeness.

The reason for wanting the completeness is to avoid user confusion.
Users will get used to seeing retweets, when they exist, when the home
timeline is displayed, and assume that if none are displayed, none
exist. I fear that they will then make that same assumption when
mentions, favorites, friends, and followers are displayed: no retweets
displayed, ergo no retweets exist. That may or may not be correct.

'Nough for now.

Comments expected and welcome.

Answers demanded! "-)

Jim Renkel


On Aug 17, 1:56 pm, Marcel Molina  wrote:
> Thanks for your questions. Responses inline...
>
> On Mon, Aug 17, 2009 at 10:31 AM, jim.renkel wrote:
>
> > I have both practical and philosophical concerns and questions with
> > this proposal. Since I'm a little late in commenting on this, some of
> > these have already been raised. Where I know that is the case, I'll
> > keep it short, but include it to show my support (or not) of the
> > issue.
>
> > This post contains practical issues. A companion post will contain
> > philosophical issues.
>
> > 1. When aretweetis created it is assigned an ID number, just like a
> > status update. Are retweets and status updates numbered from the same
> > sequence of numbers, or separate ones? I mainly ask out of curiosity,
> > but there are some implications as shown below.
>
> Tweets and retweets are currently numbered from the same sequence of numbers.
>
> > 2. Is there a limit on the number of times a status update can be
> > retweeted? Again, curiosity, but with imp

[twitter-dev] Re: Join us in the #twitterapi IRC channel on freenode

2009-08-18 Thread Marcel Molina

The channel had been set to +r which requires users to be registered
with the NickServ to join the channel. That restriction has been
lifted so things should be fine now (and since you just joined the
channel I'm assuming it works).

On Tue, Aug 18, 2009 at 4:29 PM, Dewald Pretorius wrote:
>
> Marcel,
>
> I can't join #twitterapi on irc.freenode.net. Colloquy-mobile just
> throws a deaf ear, i.e., nothing happens. I can join other chat rooms
> no problem.
>
> I'm not very familiar with IRC, so I might be making a rookie mistake.
>
> Dewald
>



-- 
Marcel Molina
Twitter Platform Team
http://twitter.com/noradio


Re: Absurd Misunderstanding of Open Anything (Was: [twitter-dev] Re: Open Auth)

2009-08-18 Thread John Kristian

This issue has been discussed at http://groups.google.com/group/oauth?hl=en
You might might find that informative.  Some highlights:

An OAuth Consumer that's deployed to users' desktops or mobile devices
can't keep a secret. One should assume its consumer key and consumer
secret will be known to attackers. Consequently, OAuth doesn't really
assure the user that he's authorizing a legitimate copy of the
Consumer software. (There are other ways to assure this; for example
the user might trust Apple's app store.)

Such a Consumer should avoid revealing a user's token secrets to other
users or other applications on the same platform. I've heard that the
iPhone Keychain is useful for this purpose. There's no need to hide
token secrets from their user (although the user should be discouraged
from revealing his token secrets to other users).

OAuth provides some value in this situation. It enables the Consumer
to avoid storing the user's password, and avoid transmitting the
password with each request to the Service Provider. (Instead, it
stores an access token secret, and signs each request.) It enables the
Service Provider to revoke permission for each Consumer individually,
without changing the password.


[twitter-dev] Re: sending a tweet from an ASP.NET form action

2009-08-18 Thread Andrew Badera

On Tue, Aug 18, 2009 at 4:45 PM, subquark wrote:
>
> I don't know where to start (or even the terms to search for)
> but . . .
>
> I would like to be able to send a tweet out on the completion of a
> form to my own account. A user fills out an ASP.NET form and when they
> submit the form, I would like my Twitter status to update and simply
> say "another form has been filed+tinyurl".  The tiny URL will always
> be the same.
>
> It would eventually be used in custom work we do for hotels and their
> Request For Proposal pages.  A user submits an RFP and we would like
> that hotel's Twitter to reflect that with something like:
>
> "another conference RFP just submitted - tinyURL"
>
> Where the URL is simply a link to their blank RFP form.  No user data
> would be passed ever.
>
> Thank you and thanks for making Twitter pretty much the centre of the
> social universe!
>
>

Well, you can spend some time learning, like most of us here, or you
can hire someone else to do it. Good luck with your choice.

∞ Andy Badera
∞ This email is: [ ] bloggable [x] ask first [ ] private
∞ Google me: http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera)


[twitter-dev] Re: OAuth + Mobile nightmare

2009-08-18 Thread JDG
That's what you should be doing. There's no reason to get a new Access Token
every time. Per the OAuth spec, you should probably code your app to handle
an expired token gracefully. The spec states that tokens MAY expire --
Twitter currently does not expire theirs, though. However, that doesn't mean
that they couldn't in the future.

2009/8/18 André Arruda 

> I'm thinking about storing the access token in the phone so the user won't
> have to go
> through all the auth process everytime the program is opened.
>
> I hope i won't find any new "surprises" by doing this.
>
>
>
> 2009/8/18 Otávio Ribeiro 
>
> no.. just the same problem.
>>
>> On Mon, Aug 17, 2009 at 3:09 PM, AArruda  wrote:
>>
>>>
>>> I've been developing a Java/MIDP Twitter client for the past two
>>> months, and i still need a couple more months to publish a beta
>>> version. A few days ago i found out that the update source (app name)
>>> is no longer customizable unless the client uses OAuth for
>>> authentication, which means that any update sent through my client is
>>> shown as "from API" instead of my app's name.
>>>
>>> I understand that OAuth is important for many security reasons, but it
>>> still has important issues with mobile applications, forcing the user
>>> to open a page through a mobile device, writing down the PIN,
>>> switching back to the app and logging in again is just hell. Not to
>>> mention the smartphones that don't support programs running in the
>>> background.
>>>
>>> The current API's methods shouldn't be restricted to OAuth unless
>>> these issues are solved first. We, developers and mobile users, would
>>> be thankful.
>>>
>>> Is anyone using any other solution for OAuth and mobile devices, if
>>> there is any?
>>>
>>
>>
>


-- 
Internets. Serious business.


[twitter-dev] Join us in the #twitterapi IRC channel on freenode

2009-08-18 Thread Marcel Molina

We've heard your requests for greater transparency and more frequent
communication in the last couple weeks around the fall out from the
DDoS attacks. The Twitter Development Talk mailing list and
@twitterapi account have gone a long way to keeping the conversation
flowing. We want to facilitate even more modes of communication
though. So we've opened up the #twitterapi IRC channel on
irc.freenode.net. We hope to be able to provide some real-time support
when things go awry. Unfortunately, we can't provide 24/7 support via
IRC, but we'll try to be around during deploys, unexpected outages,
and special events. We also envision it as a place for developers to
help each other. So, if you're into IRC, we encourage you to come on
over.

-- 
Marcel Molina
Twitter Platform Team
http://twitter.com/noradio


[twitter-dev] Re: Join us in the #twitterapi IRC channel on freenode

2009-08-18 Thread Dewald Pretorius

Marcel,

I can't join #twitterapi on irc.freenode.net. Colloquy-mobile just
throws a deaf ear, i.e., nothing happens. I can join other chat rooms
no problem.

I'm not very familiar with IRC, so I might be making a rookie mistake.

Dewald


[twitter-dev] streaming api - track method with oauth ?

2009-08-18 Thread lquerel

Hi guys,

Are there plans to allow oauth instead of the basic auth to access the
track service ? Typically this service can be used in a third
application to follow several subject in a more efficient way that the
current polling method based on the standard API.

Thanks

Laurent Quérel


[twitter-dev] sending a tweet from an ASP.NET form action

2009-08-18 Thread subquark

I don't know where to start (or even the terms to search for)
but . . .

I would like to be able to send a tweet out on the completion of a
form to my own account. A user fills out an ASP.NET form and when they
submit the form, I would like my Twitter status to update and simply
say "another form has been filed+tinyurl".  The tiny URL will always
be the same.

It would eventually be used in custom work we do for hotels and their
Request For Proposal pages.  A user submits an RFP and we would like
that hotel's Twitter to reflect that with something like:

"another conference RFP just submitted - tinyURL"

Where the URL is simply a link to their blank RFP form.  No user data
would be passed ever.

Thank you and thanks for making Twitter pretty much the centre of the
social universe!



[twitter-dev] Re: legal issues - is tweet an official verb in the US language?

2009-08-18 Thread Bill Kocik



On Aug 17, 8:06 am, Nicole Simon  wrote:
> Question: is to tweet an official word in the english language
> both american and english? as in widely used?
>
> does the US and UK trademark system reject such applications?

Microsoft has a registered trademark on Windows. Apple Computer has a
registered trademark on Apple.


[twitter-dev] Re: OAuth + Mobile nightmare

2009-08-18 Thread Josh Roesslein
Yes you can store the access token for use later.

Some phones support binding an URL schema to an application.
You can use this as a callback url for oauth. When twitter redirects the
user
the phone's browser will see the custom schema and invoke the application.
No pin code transfer needed.

2009/8/18 André Arruda 

> I'm thinking about storing the access token in the phone so the user won't
> have to go
> through all the auth process everytime the program is opened.
>
> I hope i won't find any new "surprises" by doing this.
>
>
>
> 2009/8/18 Otávio Ribeiro 
>
> no.. just the same problem.
>>
>> On Mon, Aug 17, 2009 at 3:09 PM, AArruda  wrote:
>>
>>>
>>> I've been developing a Java/MIDP Twitter client for the past two
>>> months, and i still need a couple more months to publish a beta
>>> version. A few days ago i found out that the update source (app name)
>>> is no longer customizable unless the client uses OAuth for
>>> authentication, which means that any update sent through my client is
>>> shown as "from API" instead of my app's name.
>>>
>>> I understand that OAuth is important for many security reasons, but it
>>> still has important issues with mobile applications, forcing the user
>>> to open a page through a mobile device, writing down the PIN,
>>> switching back to the app and logging in again is just hell. Not to
>>> mention the smartphones that don't support programs running in the
>>> background.
>>>
>>> The current API's methods shouldn't be restricted to OAuth unless
>>> these issues are solved first. We, developers and mobile users, would
>>> be thankful.
>>>
>>> Is anyone using any other solution for OAuth and mobile devices, if
>>> there is any?
>>>
>>
>>
>


-- 
Josh


[twitter-dev] "Do not display a background image"

2009-08-18 Thread Sam Street

Just noticed something relating to the API method users/show

When requesting a user's data I dont see a field relating to whether
the user has chosen "Do not display a background image"

If you see here: http://twitter.com/users/show.xml?screen_name=AstuteCat
The default twitter background (clouds) is listed as this users
 when infact no background image is
displayed on their profile:

http://twitter.com/AstuteCat

This has caused the following to happen on my app: http://twic.li/AstuteCat

It would be great to be able to check if a user has chosen not to
display a background image.

Thanks


[twitter-dev] Re: Permanent URL to profile images?

2009-08-18 Thread Sam Street

I cache the users profile image and background when they authorize and
each time they reauthorize the return values are compared. If they are
different the images are updated and recached.
I couldn't find a better way to handle this other than running a
cronjob that calls /users/show method for each authorized user and
updates thier profile images url  - but i dont recommend this (api
rape)

On Aug 18, 9:35 pm, Andrew Badera  wrote:
> On Tue, Aug 18, 2009 at 4:21 PM, natefanaro wrote:
>
> > There is no officially supported way to get a static url for profile
> > images but if you're familiar with google app engine you may want to
> > check this out:http://code.google.com/p/spiurl/
>
> Nice, great find, thanks for sharing.
>
> ∞ Andy Badera
> ∞ This email is: [ ] bloggable [x] ask first [ ] private
> ∞ Google me:http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera)


[twitter-dev] DM Length

2009-08-18 Thread Dewald Pretorius

The API documentation says a DM must be under 140 characters.

Someone just sent me a DM that has 841 characters. I counted the
characters after I fell of my chair and got back on it again.

What's up with that?

Dewald


[twitter-dev] Re: Accessing Twitter API from UK

2009-08-18 Thread Carl

Bummer, I know this is the Twitter group, but I am curious if any
other source offer that?  It seems both Google Trend and Yahoo Buzz
are US only, Bing's XRank only covers celebrities, anyone knows any UK
source for that?

Appreciate it!

On Aug 18, 12:16 pm, Abraham Williams <4bra...@gmail.com> wrote:
> Currently there are not.
>
> Abraham
>
> 2009/8/18 Carl 
>
>
>
>
>
>
>
> > I don't know, that is what I want to find out :)
>
> > On Aug 18, 4:11 am, Goblin  wrote:
> > > There are location specifictrendlists?
>
> > > On Aug 18, 12:53 am, Carl  wrote:
>
> > > > Hi there,
>
> > > > I would like to lookup the top UK trends by accessing the twitter api
> > > > from US, I don't see a locale parameter as part of the method, any
> > > > pointers?
>
> > > > Thanks- Hide quoted text -
>
> > > - Show quoted text -
>
> --
> Abraham Williams | Community Evangelist |http://web608.org
> Hacker |http://abrah.am|http://twitter.com/abraham
> Project |http://fireeagle.labs.poseurtech.com
> This email is: [ ] blogable [x] ask first [ ] private.
> Sent from Madison, Wisconsin, United States- Hide quoted text -
>
> - Show quoted text -


[twitter-dev] Re: storing access tokens

2009-08-18 Thread shiplu

On Tue, Aug 18, 2009 at 6:32 PM, AArruda wrote:
>
> I'm developing a mobile app for Twitter and i am thinking about
> storing the access tokens internally
> so the user won't have to go through the whole web authentication
> process every time the
> program is used.
>
> Is that a good practice, or are there any issues with this solution?


No problem with it.
These tokens are given so that you dont have to reauthenticate.
So store it and use it.
It has no expiry time. At least nothing is said in spec.


-- 
A K M Mokaddim
http://talk.cmyweb.net
http://twitter.com/shiplu
Stop Top Posting !!
বাংলিশ লেখার চাইতে বাংলা লেখা অনেক ভাল
Sent from Dhaka, Bangladesh


[twitter-dev] Re: storing access tokens

2009-08-18 Thread Bill Kocik


Storing access tokens - safely - is a generally accepted practice.

On Aug 18, 8:32 am, AArruda  wrote:
> I'm developing a mobile app for Twitter and i am thinking about
> storing the access tokens internally
> so the user won't have to go through the whole web authentication
> process every time the
> program is used.
>
> Is that a good practice, or are there any issues with this solution?
>
> Thanks!


[twitter-dev] Re: Permanent URL to profile images?

2009-08-18 Thread Andrew Badera

On Tue, Aug 18, 2009 at 4:21 PM, natefanaro wrote:
>
> There is no officially supported way to get a static url for profile
> images but if you're familiar with google app engine you may want to
> check this out: http://code.google.com/p/spiurl/
>

Nice, great find, thanks for sharing.

∞ Andy Badera
∞ This email is: [ ] bloggable [x] ask first [ ] private
∞ Google me: http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera)


[twitter-dev] Re: API profile image update

2009-08-18 Thread Josh Roesslein
One more related question:

Is it possible to use oauth for these profile image endpoints?
The issue is signing the POST body which the spec does not specify.
Does twitter support this in anyway or is basic auth the only option?

Josh


[twitter-dev] Platform Status Update, Tuesday 2:00pm PST

2009-08-18 Thread Ryan Sarver

Thanks to everyone who sent in detailed issue reports we have been
able to tune the system to recognize the traffic better and things
seem to be running well. We will continue to closely monitor the
system and tune as needed. Your detailed reports are very important in
helping us teach the system what your request patterns look like.

One thing we have noticed and is generally a good coding practice -
make sure that if you open a connection for a request that you close
that connection before exiting out or you may run the risk of looking
like malicious traffic.

Please continue to operate your systems as you normally would and
notify us when you have issues with the detailed information, which
I've include here for the sake of consistency:

1. The IP of the machine making requests to the Twitter API. If you're
behind NAT, please be sure to send us your *external* IP.
2. The IP address of the machine you're contacting in the Twitter
cluster. You can find this on UNIX machines via the "host" or
"nslookup" commands, and on Windows machines via the "nslookup"
command.
3. The Twitter API URL (method) you're requesting and any other
details about the request (GET vs. POST, parameters, headers, etc.).
4. Your host operating system, browser (including version), relevant
cookies, and any other pertinent information about your environment.
5. What kind of network connection you have and from which provider,
and what kind of network connectivity devices you're using.

Thanks again for all of your support and let us know if you continue
to see any issues.

Best, Ryan
@rsarver


[twitter-dev] Re: API profile image update

2009-08-18 Thread Josh Roesslein
Okay I've seem to have fixed the code and it works perfectly now. :) Made a
few
mistakes which where causing the issues and the 500 error. Anyone else
experiencing the 500 error should check their code.

On Tue, Aug 18, 2009 at 2:37 PM, Josh Roesslein wrote:

> Here is the code where I pack the image to send to twitter:
>
> http://github.com/joshthecoder/tweepy/blob/1e6485cd2f96f0505139f722603d7b6862ec6a45/tweepy/api.py#L422
>
> Perhaps I'm doing something wrong there?
>
>
> On Tue, Aug 18, 2009 at 2:30 PM, Josh Roesslein wrote:
>
>> Thanks for sharing that link Mitchel. It seems the curl example does work
>> just fine, so maybe
>> the issue is within my code. Just seems twitter doesn't handle the error
>> gracefully. Should be a 4xx
>> error being returned if its client issue.
>>
>>
>> On Tue, Aug 18, 2009 at 10:34 AM, Mitchel Berberich wrote:
>>
>>>
>>> Hi Josh,
>>> Hi David.
>>>
>>> I have the same problem over here, too.
>>> I'm trying to update the image using java jersey but all I get is
>>> error 500.
>>>
>>> Searching the internet half a day, I also found a previous description
>>> of the problem posted in December 2008, but still no solution :-(
>>>
>>> http://groups.google.com/group/twitter-development-talk/browse_thread/thread/bec5efc1469b1d94
>>>
>>> Cheers,
>>>   Mitchel
>>>
>>
>>
>>
>> --
>> Josh
>>
>
>
>
> --
> Josh
>



-- 
Josh


[twitter-dev] Re: OAuth + Mobile nightmare

2009-08-18 Thread André Arruda
I'm thinking about storing the access token in the phone so the user won't
have to go
through all the auth process everytime the program is opened.

I hope i won't find any new "surprises" by doing this.



2009/8/18 Otávio Ribeiro 

> no.. just the same problem.
>
> On Mon, Aug 17, 2009 at 3:09 PM, AArruda  wrote:
>
>>
>> I've been developing a Java/MIDP Twitter client for the past two
>> months, and i still need a couple more months to publish a beta
>> version. A few days ago i found out that the update source (app name)
>> is no longer customizable unless the client uses OAuth for
>> authentication, which means that any update sent through my client is
>> shown as "from API" instead of my app's name.
>>
>> I understand that OAuth is important for many security reasons, but it
>> still has important issues with mobile applications, forcing the user
>> to open a page through a mobile device, writing down the PIN,
>> switching back to the app and logging in again is just hell. Not to
>> mention the smartphones that don't support programs running in the
>> background.
>>
>> The current API's methods shouldn't be restricted to OAuth unless
>> these issues are solved first. We, developers and mobile users, would
>> be thankful.
>>
>> Is anyone using any other solution for OAuth and mobile devices, if
>> there is any?
>>
>
>


[twitter-dev] Re: Permanent URL to profile images?

2009-08-18 Thread natefanaro

There is no officially supported way to get a static url for profile
images but if you're familiar with google app engine you may want to
check this out: http://code.google.com/p/spiurl/

On Aug 18, 1:34 pm, Adriano Nagel  wrote:
> Hi,
>
> Is there a permanent URL to user profile images? Currently when a user
> changes his avatar, my app displays a broken image.
>
> I'm trying to avoid looking for updates periodically, but I couldn't
> find anything related in the API.
>
> Thanks,
>
> --
> Adriano


[twitter-dev] Re: API profile image update

2009-08-18 Thread Josh Roesslein
Here is the code where I pack the image to send to twitter:
http://github.com/joshthecoder/tweepy/blob/1e6485cd2f96f0505139f722603d7b6862ec6a45/tweepy/api.py#L422

Perhaps I'm doing something wrong there?

On Tue, Aug 18, 2009 at 2:30 PM, Josh Roesslein wrote:

> Thanks for sharing that link Mitchel. It seems the curl example does work
> just fine, so maybe
> the issue is within my code. Just seems twitter doesn't handle the error
> gracefully. Should be a 4xx
> error being returned if its client issue.
>
>
> On Tue, Aug 18, 2009 at 10:34 AM, Mitchel Berberich wrote:
>
>>
>> Hi Josh,
>> Hi David.
>>
>> I have the same problem over here, too.
>> I'm trying to update the image using java jersey but all I get is
>> error 500.
>>
>> Searching the internet half a day, I also found a previous description
>> of the problem posted in December 2008, but still no solution :-(
>>
>> http://groups.google.com/group/twitter-development-talk/browse_thread/thread/bec5efc1469b1d94
>>
>> Cheers,
>>   Mitchel
>>
>
>
>
> --
> Josh
>



-- 
Josh


[twitter-dev] Re: API profile image update

2009-08-18 Thread Josh Roesslein
Thanks for sharing that link Mitchel. It seems the curl example does work
just fine, so maybe
the issue is within my code. Just seems twitter doesn't handle the error
gracefully. Should be a 4xx
error being returned if its client issue.

On Tue, Aug 18, 2009 at 10:34 AM, Mitchel Berberich wrote:

>
> Hi Josh,
> Hi David.
>
> I have the same problem over here, too.
> I'm trying to update the image using java jersey but all I get is
> error 500.
>
> Searching the internet half a day, I also found a previous description
> of the problem posted in December 2008, but still no solution :-(
>
> http://groups.google.com/group/twitter-development-talk/browse_thread/thread/bec5efc1469b1d94
>
> Cheers,
>   Mitchel
>



-- 
Josh


[twitter-dev] Re: Accessing Twitter API from UK

2009-08-18 Thread Abraham Williams
Currently there are not.

Abraham

2009/8/18 Carl 

>
> I don't know, that is what I want to find out :)
>
> On Aug 18, 4:11 am, Goblin  wrote:
> > There are location specifictrendlists?
> >
> > On Aug 18, 12:53 am, Carl  wrote:
> >
> >
> >
> > > Hi there,
> >
> > > I would like to lookup the top UK trends by accessing the twitter api
> > > from US, I don't see a locale parameter as part of the method, any
> > > pointers?
> >
> > > Thanks- Hide quoted text -
> >
> > - Show quoted text -
>



-- 
Abraham Williams | Community Evangelist | http://web608.org
Hacker | http://abrah.am | http://twitter.com/abraham
Project | http://fireeagle.labs.poseurtech.com
This email is: [ ] blogable [x] ask first [ ] private.
Sent from Madison, Wisconsin, United States


[twitter-dev] Re: Recent SimpleXML_load_string error

2009-08-18 Thread Dewald Pretorius

Jason,

If it is at possible for you to switch over to Twitter JSON calls, do
so. It saves a ton of headaches. If the response document does not
contain valid JSON, you get a FALSE as response in the decode instead
of all those warnings that you get in simplexml. JSON responses are
smaller in size as well, because they do not have the overhead of the
XML tags.

Dewald


[twitter-dev] Re: Platform Status Update, Monday 4:30pm PST

2009-08-18 Thread djc8080

Here's the typical errors. Call 1 says 132 hits remaining; call 2
returns over the limit. Once an hour, call 2 slips through and returns
the right result. Otherwise, on some accounts - the rate_limit bug
blocks access. On other accounts, there is no problem at all.
Sometimes, the problem resolves on one account; and moves to another.
In my humble opinion, the bugs trace to out-of-control, unpredictable
rate-limiting statements.

Also, note reset time in seconds makes no sense.

1. http://twitter.com/account/rate_limit_status.xml

Results:

132
150
2009-08-18T17:32:14+00:00
1250616734



2. http://twitter.com/statuses/followers/scotmckay.xml
Results:

/statuses/followers/scotmckay.xml
-

Rate limit exceeded. Clients may not make more than 150 requests per
hour.




[twitter-dev] Re: Accessing Twitter API from UK

2009-08-18 Thread Carl

I don't know, that is what I want to find out :)

On Aug 18, 4:11 am, Goblin  wrote:
> There are location specifictrendlists?
>
> On Aug 18, 12:53 am, Carl  wrote:
>
>
>
> > Hi there,
>
> > I would like to lookup the top UK trends by accessing the twitter api
> > from US, I don't see a locale parameter as part of the method, any
> > pointers?
>
> > Thanks- Hide quoted text -
>
> - Show quoted text -


[twitter-dev] Fav on Retweeted tweets

2009-08-18 Thread mootoh

I want to propose a fav behavior on retweeted posts.

A Fav on retweeted posts should be propagated to original tweets.

I often use the favorite facility to save inspired tweets to read it
later, and recently those tweets are retweeted ones. I want pass those
feelings to the original authors in addition to retweeters.


[twitter-dev] Re: Permanent URL to profile images?

2009-08-18 Thread JDG
no

On Tue, Aug 18, 2009 at 11:34, Adriano Nagel  wrote:

>
> Hi,
>
> Is there a permanent URL to user profile images? Currently when a user
> changes his avatar, my app displays a broken image.
>
> I'm trying to avoid looking for updates periodically, but I couldn't
> find anything related in the API.
>
> Thanks,
>
> --
> Adriano
>



-- 
Internets. Serious business.


[twitter-dev] Re: OAuth + Mobile nightmare

2009-08-18 Thread Otávio Ribeiro
no.. just the same problem.
On Mon, Aug 17, 2009 at 3:09 PM, AArruda  wrote:

>
> I've been developing a Java/MIDP Twitter client for the past two
> months, and i still need a couple more months to publish a beta
> version. A few days ago i found out that the update source (app name)
> is no longer customizable unless the client uses OAuth for
> authentication, which means that any update sent through my client is
> shown as "from API" instead of my app's name.
>
> I understand that OAuth is important for many security reasons, but it
> still has important issues with mobile applications, forcing the user
> to open a page through a mobile device, writing down the PIN,
> switching back to the app and logging in again is just hell. Not to
> mention the smartphones that don't support programs running in the
> background.
>
> The current API's methods shouldn't be restricted to OAuth unless
> these issues are solved first. We, developers and mobile users, would
> be thankful.
>
> Is anyone using any other solution for OAuth and mobile devices, if
> there is any?
>


[twitter-dev] Re: https on twimg.com?

2009-08-18 Thread JDG
This has already been discussed on the list. If you want to use HTTPS, for
now, you have to replace the twimg host with the amazonaws host.

On Tue, Aug 18, 2009 at 08:54, Alex  wrote:

>
> Our app uses https during the user session and in order to prevent
> errors in some browsers we must make sure that all files (including
> images) are loading via https as well.
>
> Up until now we were just taking the profile image URL and swapping
> http for https in the URL, and everything worked fine. For example:
>
> https://s3.amazonaws.com/twitter_production/profile_images/52714790/aj_normal.gif
>
> However I am noticing that as profile images get migrated to twimg.com
> the SSL is no longer working, and as a result we are not able to load
> the images for those users.
>
> For example, @garyvee's profile image is:
> http://a3.twimg.com/profile_images/333261519/twitterProfilePhoto_normal.jpg
>
> But it will not load if we request:
>
> https://a3.twimg.com/profile_images/333261519/twitterProfilePhoto_normal.jpg
>
> Do you have plans to support https requests on the twimg.com
> subdomains?
>
> Thanks.
>



-- 
Internets. Serious business.


[twitter-dev] Re: Recent SimpleXML_load_string error

2009-08-18 Thread Adam Shannon
Reload the page, it's been happening to me.

On Tue, Aug 18, 2009 at 11:03 AM, Jason Lav  wrote:

>
> I am getting a SimpleXML error (see below) when trying to run
> simplexml_load_string on XML content from Twitter (http://twitter.com/
> statuses/user_timeline.xml). It is an intermittent problem and I have
> seen on my own site as a well as others websites (if you search on
> google, you will find a number of instances).
>
> The problem, I believe, started quite recently. It also is not a
> consistent issue. Thoughts?
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:
> Entity: line 10: parser error : Opening and ending tag mismatch: META
> line 8 and HEAD in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:  HEAD> in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
> in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:
> Entity: line 11: parser error : Opening and ending tag mismatch: P
> line 11 and BODY in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:
>  in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
> in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:
> Entity: line 12: parser error : Opening and ending tag mismatch: BODY
> line 11 and HTML in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:  HTML> in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
> in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:
> Entity: line 13: parser error : Premature end of data in tag META line
> 7 in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: in
> [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
> in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:
> Entity: line 13: parser error : Premature end of data in tag META line
> 6 in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: in
> [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
> in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:
> Entity: line 13: parser error : Premature end of data in tag HEAD line
> 5 in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: in
> [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
> in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]:
> Entity: line 13: parser error : Premature end of data in tag HTML line
> 4 in [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: in
> [file-path]on line 8
>
> Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
> in [file-path]on line 8
>
> Fatal error: Call to a member function children() on a non-object in
> [file-path]on line 10
>



-- 
- Adam Shannon ( http://ashannon.us )


[twitter-dev] Permanent URL to profile images?

2009-08-18 Thread Adriano Nagel

Hi,

Is there a permanent URL to user profile images? Currently when a user
changes his avatar, my app displays a broken image.

I'm trying to avoid looking for updates periodically, but I couldn't
find anything related in the API.

Thanks,

--
Adriano


[twitter-dev] Twitter API docs 404 URL

2009-08-18 Thread Scott Haneda


Hello. The Twitter API has a mobile version. I have never seen it work.

http://apiwiki.twitter.com/Getting-Started

As you can see, if you are detected as mobile all API doc pages 404. I  
click the "desktop version" link at the bottom and everything works as  
advertised.


I thought I would bring this to the attention of Twitter. I find if I  
look at the API on my iPhone to answer questions that are mostly small  
curious inquries. Not a huge deal, but it would be nice if it worked,  
and I suspect it will be a simple fix.

--
Scott
Iphone says hello.


[twitter-dev] Re: My Issue with the ReTweet API and my solutions

2009-08-18 Thread Jeffrey Greenberg
I also am not on fire about this API... Since our app, www.tweettronics.com,
tracks user's twitter activities, I think that while retweeting has been
popular it's mainly been a tool for spammage as part of user's desire for
self-promotion and less as a tool for user attibution.  Still the users have
taken it up... it's just that what I'm seeing is that it's primiarily used
to generate tweets and thus attention to one's account...
On the other hand, it at least formalizes what is going on, making it easier
to track retweeting behavior, to the extent that such tracking has any
fundamental value as far as estimating user influence, given the signal to
noise ratio that is going on
I do think that this API can help solve other issues, such as the challenge
of having threaded tweets.  Is support of threaded tweets an intended effect
of the api?

jeffrey greenberg
http://www.tweettronics.com
http://www.jeffrey-greenberg.com


[twitter-dev] JQuery Full API Plugin - Help Needed Testing

2009-08-18 Thread Eric Garside

Hey guys, I've been working on a full implementation of the twitter
API through, primarily, jQuery, with a simple relay script server side
for securely signing and keeping auth details. I've just finished the
library, and am looking for some developers who know both the twitter
API and jQuery to help test out this new plugin.

If you would like to help with this project (currently named Jitter:
Jquery Twitter), please send an email to gars...@gmail.com

Thanks!

[Cross Posted on the Twitter Dev and jQuery Lists]


[twitter-dev] Re: How are we supposed to be handeling HTML responses from the API?

2009-08-18 Thread Andrew C.

Ryan,

I'll put in some additional logging to get the answers to two. The
request I am making gets cached for 24 hours (as to not overload the
Twitter servers) so once it succeeds it could be a while before I hit
the error again. I can try to force it. As far as the rest of it goes:

1. I'll email you the IP address.
2. As above: I will get the answer next time the error happens.
3. The method is statuses/friends.json via GET
4. The host OS is CentOS 5. The connection is being made via a TCP/IP
socket. OAuth is used for user authentication. No cookies are stored.
5. The machine is in the Amazon Cloud. Since it is a VM I can't know
what the underlying network hardware is.

A side note regarding #2: one of the biggest problems with this error
is that it is sporadic. But the application loses significant
functionality when it does happen. So if the problem can't be fixed a
good alternative is to have a reliable way to recover from the problem
so that the app can return to it's functional state.

Thanks,
- Andrew

On Aug 18, 11:08 am, Ryan Sarver  wrote:
> Andrew,
>
> Thanks for bumping this up to us. Can you please also provide some
> additional data to us (as much as you can) so we can help figure out
> what is going on and where it is coming from?
>
> 1. The IP of the machine making requests to the Twitter API. If you're
> behind NAT, please be sure to send us your *external* IP.
> 2. The IP address of the machine you're contacting in the Twitter
> cluster. You can find this on UNIX machines via the "host" or
> "nslookup" commands, and on Windows machines via the "nslookup"
> command.
> 3. The Twitter API URL (method) you're requesting and any other
> details about the request (GET vs. POST, parameters, headers, etc.).
> 4. Your host operating system, browser (including version), relevant
> cookies, and any other pertinent information about your environment.
> 5. What kind of network connection you have and from which provider,
> and what kind of network connectivity devices you're using.
>
> Thanks in advance. Best, Ryan
>
> On Tue, Aug 18, 2009 at 7:37 AM, Andrew wrote:
>
> > I get this response quite frequently:
>
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > 
>
> > And other people are getting it as well (
> >http://groups.google.com/group/twitter-development-talk/browse_thread...
> > ).
>
> > What is the recommended way of handling this? I could do an immediate
> > refresh and hope for the best, which is my initial thought. But the
> > other question is, why is a request for JSON returning HTML?
>
> > The request that seems to be the most problematic for me in this
> > regard is:
> >http://twitter.com/statuses/friends.json
>
> > I am authenticating via OAuth and not using Curl.


[twitter-dev] Re: API profile image update

2009-08-18 Thread Mitchel Berberich

Hi Josh,
Hi David.

I have the same problem over here, too.
I'm trying to update the image using java jersey but all I get is
error 500.

Searching the internet half a day, I also found a previous description
of the problem posted in December 2008, but still no solution :-(
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/bec5efc1469b1d94

Cheers,
  Mitchel


Re: Absurd Misunderstanding of Open Anything (Was: [twitter-dev] Re: Open Auth)

2009-08-18 Thread Jason Martin
I'm sorry, I was talking about distributing source code. However, I  
wasn't thinking of Open Source (even though I wrote that), I was  
thinking of things like interpreted languages (like PHP) where you  
would distribute an application that can't be compiled in to a binary,  
as, even if you don't release the project as open source, if you can  
download, you have the source code. For example, there is a PHP  
project out there called eyeOS, which does what it sounds like it  
does: creates an Operating System like application that runs in your  
browser. If I were to write a Twitter client for that using OAuth, and  
put that up for download for a user to install, even though I am not  
making it open source, I am still releasing the source code because I  
cannot compile the code into a binary. What would you suggest I do,  
then, to try to hide my consumer key and secret to prevent people from  
using it to spam twitter and (possibly) getting my app shut down?

  - Jason

On Aug 17, 2009, at 4:55 PM, Chris Babcock wrote:

>
> Silly me. I thought someone was talking about distributing source  
> code.
> Building an enduser distribution is somewhat to entirely different.
>
> First, there really isn't any point to using OAuth for a client unless
> the client code lives on the network. The whole advantage of the  
> scheme
> is that the user does not have to disclose credentials to one or more
> third parties. An application that doesn't access a third party  
> network
> should use basic authentication over HTTPS.
>
> If Twitter decides to eliminate basic auth then the correct way  
> (from a
> security stand point) to implement OAuth would be to obtain a separate
> key for each client. I don't see the current OAuth spec as being set  
> up
> to handle bulk key assignments, but you can't distribute a single  
> key to
> multiple clients outside of your network. Whether or not the app is
> Open Source is a non-issue; It's complete FUD-rucking to imply that it
> is any diffent distributing a secret key in a close source app than it
> would be to do so in an open source app.
>
> What happens if you try to use a screwdriver as a hammer? It's the  
> same
> thing here only someone had to drag Open Source into as if that made
> any kind of a difference. To top it off, the OP had a complete
> misunderstanding of the consequences of key disclosure. "A Spammer
> could use it and get your app banned..." as if that's of any
> consequence compared to the users' accounts getting hijacked by apps
> impersonating your client.
>
> And what's with keeping score as if Open Auth and basic were a couple
> of talking tools on Disney Channel having some sort of ludicrous
> rivalry?
>
> Chris Babcock
>
>
>> This is interesting Chris, as I have had the same question.  How  
>> would
>> you propose to distribute a usable FLOSS twitter app that uses Oauth
>> to authenticate itself but doesn't include the app's consumer key and
>> consumer secret?  fetch the key and secret at runtime from a secure
>> server somewhere?  that could be trivially intercepted.
>>
>> Joseph Cheek
>> @cheekdotcom
>>
>> Chris Babcock wrote:
>>> On Sun, 16 Aug 2009 18:49:49 -0400
>>> Jason Martin  wrote:
>>>
>>>
 On another note, how "Open Source friendly" is OAuth? I'm not sure
 if people who write open source software want to be giving out
 their Consumer Secret key in their source code

>>>
>>> Reasoning from a faulty premise.
>>>
>>> When you know your code is going to be seen you either avoid doing
>>> stupid things like hard coding credentials or you learn fast that
>>> configuration data is not code.
>>>
>>> (Now where I did leave my virtual haddock?)
>>>
>>> Chris Babcock



[twitter-dev] Recent SimpleXML_load_string error

2009-08-18 Thread Jason Lav

I am getting a SimpleXML error (see below) when trying to run
simplexml_load_string on XML content from Twitter (http://twitter.com/
statuses/user_timeline.xml). It is an intermittent problem and I have
seen on my own site as a well as others websites (if you search on
google, you will find a number of instances).

The problem, I believe, started quite recently. It also is not a
consistent issue. Thoughts?

Warning: simplexml_load_string() [function.simplexml-load-string ]:
Entity: line 10: parser error : Opening and ending tag mismatch: META
line 8 and HEAD in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]:  in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]:
Entity: line 11: parser error : Opening and ending tag mismatch: P
line 11 and BODY in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]:
 in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]:
Entity: line 12: parser error : Opening and ending tag mismatch: BODY
line 11 and HTML in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]:  in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]:
Entity: line 13: parser error : Premature end of data in tag META line
7 in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: in
[file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]:
Entity: line 13: parser error : Premature end of data in tag META line
6 in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: in
[file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]:
Entity: line 13: parser error : Premature end of data in tag HEAD line
5 in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: in
[file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]:
Entity: line 13: parser error : Premature end of data in tag HTML line
4 in [file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: in
[file-path]on line 8

Warning: simplexml_load_string() [function.simplexml-load-string ]: ^
in [file-path]on line 8

Fatal error: Call to a member function children() on a non-object in
[file-path]on line 10


[twitter-dev] Re: 200 "errors"

2009-08-18 Thread Rich

Thanks Ryan I've emailed the API email address

On Aug 18, 4:21 pm, Ryan Sarver  wrote:
> Chris, Rich,
>
> Seems like you aren't the only ones right now. I'm going to work with
> Ops to see if we can figure out where it is coming from. Can you
> provide us with a little more info so it will be easier to track this
> down?
>
> 1. The IP of the machine making requests to the Twitter API. If you're
> behind NAT, please be sure to send us your *external* IP.
> 2. The IP address of the machine you're contacting in the Twitter
> cluster. You can find this on UNIX machines via the "host" or
> "nslookup" commands, and on Windows machines via the "nslookup"
> command.
> 3. The Twitter API URL (method) you're requesting and any other
> details about the request (GET vs. POST, parameters, headers, etc.).
> 4. Your host operating system, browser (including version), relevant
> cookies, and any other pertinent information about your environment.
> 5. What kind of network connection you have and from which provider,
> and what kind of network connectivity devices you're using.
>
> Thanks in advance, Ryan
>
> On Tue, Aug 18, 2009 at 4:57 AM, Rich wrote:
>
> > I'm seeing this type of behaviour too and it's getting very
> > frustrating.
>
> > Basically I'm checking for status 200, then I'm checking for Content-
> > Type XML.  However from time to time I'm getting non XML back from
> > this function.
>
> > On Aug 9, 8:27 am, Chris Babcock  wrote:
> >> This is what the200response is looking like:
>
> >> [u...@cl-t090-563cl bin]$ time curl -Lsim 
> >> 10http://twitter.com/account/rate_limit_status.xml
> >> HTTP/1.0200OK
> >> Connection: Close
> >> Pragma: no-cache
> >> cache-control: no-cache
> >> Refresh: 0.1
> >> Content-Type: text/html; charset=iso-8859-1
>
> >>  >> "http://www.w3.org/TR/1999/REC-html401-19991224/strict.dtd";>
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
>
> >> real    0m0.100s
> >> user    0m0.002s
> >> sys     0m0.004s
> >> [u...@cl-t090-563cl bin]$ time curl -Lsim 
> >> 10http://twitter.com/account/rate_limit_status.xml
> >> HTTP/1.1200OK
> >> Date: Sun, 09 Aug 2009 07:17:05 GMT
> >> Server: hi
> >> Last-Modified: Sun, 09 Aug 2009 07:17:05 GMTStatus:200OK
> >> ETag: "d3498c2414150299df3cc1f6bb73b92c"
> >> Pragma: no-cache
> >> Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, 
> >> post-check=0
> >> Content-Type: application/xml; charset=utf-8
> >> Content-Length: 302
> >> Expires: Tue, 31 Mar 1981 05:00:00 GMT
> >> X-Revision: 5a9a0d1ff0ba64c181510974278cfccc10e77d0b
> >> X-Transaction: 1249802225-83448-6420
> >> Set-Cookie: 
> >> _twitter_sess=BAh7BzoHaWQiJWVkNjk5Njk2YWNhNjQ3ZjgyOGQzNzdjNTAzMTE3ZjBmIgpm%
> >>  
> >> 250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdX
> >>  NlZHsA--639086f2287f85ef9e07f98d16adcce416b79e8d; domain=.twitter.com; 
> >> path=/
> >> Vary: Accept-Encoding
> >> Connection: close
>
> >> 
> >> 
> >>   150
> >>   150
> >>   1249805825
> >>   2009-08-09T08:17:05+00:00
> >> 
>
> >> real    0m0.184s
> >> user    0m0.002s
> >> sys     0m0.003s
>
> >> In a browser that would be functionally the same as a 302, but I'mnot
> >> using a browser so the semantics are kind of important.
>
> >> It *seems* to happen whenever I hit the API with a cold request. Pure
> >> speculation. If I think of a way to test it, I will do so.
>
> >> Chris Babcock


[twitter-dev] Re: How are we supposed to be handeling HTML responses from the API?

2009-08-18 Thread Rich

I'm getting the same issue with XML, yet the API is responding with a
200 status OK

On Aug 18, 3:59 pm, Cameron Kaiser  wrote:
> > I get this response quite frequently:
>
> >   personal:http://www.cameronkaiser.com/--
>   Cameron Kaiser * Floodgap Systems *www.floodgap.com* ckai...@floodgap.com
> -- "Endian Little Hate We" -- credits from Connectix Virtual PC 6 for Mac 
> -


[twitter-dev] Re: 200 "errors"

2009-08-18 Thread Ryan Sarver

Chris, Rich,

Seems like you aren't the only ones right now. I'm going to work with
Ops to see if we can figure out where it is coming from. Can you
provide us with a little more info so it will be easier to track this
down?

1. The IP of the machine making requests to the Twitter API. If you're
behind NAT, please be sure to send us your *external* IP.
2. The IP address of the machine you're contacting in the Twitter
cluster. You can find this on UNIX machines via the "host" or
"nslookup" commands, and on Windows machines via the "nslookup"
command.
3. The Twitter API URL (method) you're requesting and any other
details about the request (GET vs. POST, parameters, headers, etc.).
4. Your host operating system, browser (including version), relevant
cookies, and any other pertinent information about your environment.
5. What kind of network connection you have and from which provider,
and what kind of network connectivity devices you're using.

Thanks in advance, Ryan

On Tue, Aug 18, 2009 at 4:57 AM, Rich wrote:
>
> I'm seeing this type of behaviour too and it's getting very
> frustrating.
>
> Basically I'm checking for status 200, then I'm checking for Content-
> Type XML.  However from time to time I'm getting non XML back from
> this function.
>
> On Aug 9, 8:27 am, Chris Babcock  wrote:
>> This is what the200response is looking like:
>>
>> [u...@cl-t090-563cl bin]$ time curl -Lsim 
>> 10http://twitter.com/account/rate_limit_status.xml
>> HTTP/1.0200OK
>> Connection: Close
>> Pragma: no-cache
>> cache-control: no-cache
>> Refresh: 0.1
>> Content-Type: text/html; charset=iso-8859-1
>>
>> > "http://www.w3.org/TR/1999/REC-html401-19991224/strict.dtd";>
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>>
>> real    0m0.100s
>> user    0m0.002s
>> sys     0m0.004s
>> [u...@cl-t090-563cl bin]$ time curl -Lsim 
>> 10http://twitter.com/account/rate_limit_status.xml
>> HTTP/1.1200OK
>> Date: Sun, 09 Aug 2009 07:17:05 GMT
>> Server: hi
>> Last-Modified: Sun, 09 Aug 2009 07:17:05 GMTStatus:200OK
>> ETag: "d3498c2414150299df3cc1f6bb73b92c"
>> Pragma: no-cache
>> Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
>> Content-Type: application/xml; charset=utf-8
>> Content-Length: 302
>> Expires: Tue, 31 Mar 1981 05:00:00 GMT
>> X-Revision: 5a9a0d1ff0ba64c181510974278cfccc10e77d0b
>> X-Transaction: 1249802225-83448-6420
>> Set-Cookie: 
>> _twitter_sess=BAh7BzoHaWQiJWVkNjk5Njk2YWNhNjQ3ZjgyOGQzNzdjNTAzMTE3ZjBmIgpm% 
>> 250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdX 
>> NlZHsA--639086f2287f85ef9e07f98d16adcce416b79e8d; domain=.twitter.com; path=/
>> Vary: Accept-Encoding
>> Connection: close
>>
>> 
>> 
>>   150
>>   150
>>   1249805825
>>   2009-08-09T08:17:05+00:00
>> 
>>
>> real    0m0.184s
>> user    0m0.002s
>> sys     0m0.003s
>>
>> In a browser that would be functionally the same as a 302, but I'mnot
>> using a browser so the semantics are kind of important.
>>
>> It *seems* to happen whenever I hit the API with a cold request. Pure
>> speculation. If I think of a way to test it, I will do so.
>>
>> Chris Babcock
>


[twitter-dev] Re: https on twimg.com?

2009-08-18 Thread Ryan Sarver

Alex,

Thanks for your email. Its a known issue with the migration to
twimg.com. We recommend while we fix the issue that you transform the
url to https://s3.amazonaws.com/twitter_production/profile_images/###/###.jpg,
the same url's we use if you browse the site via HTTPS.

Best, Ryan

On Tue, Aug 18, 2009 at 7:54 AM, Alex wrote:
>
> Our app uses https during the user session and in order to prevent
> errors in some browsers we must make sure that all files (including
> images) are loading via https as well.
>
> Up until now we were just taking the profile image URL and swapping
> http for https in the URL, and everything worked fine. For example:
> https://s3.amazonaws.com/twitter_production/profile_images/52714790/aj_normal.gif
>
> However I am noticing that as profile images get migrated to twimg.com
> the SSL is no longer working, and as a result we are not able to load
> the images for those users.
>
> For example, @garyvee's profile image is:
> http://a3.twimg.com/profile_images/333261519/twitterProfilePhoto_normal.jpg
>
> But it will not load if we request:
> https://a3.twimg.com/profile_images/333261519/twitterProfilePhoto_normal.jpg
>
> Do you have plans to support https requests on the twimg.com
> subdomains?
>
> Thanks.
>


[twitter-dev] Re: How are we supposed to be handeling HTML responses from the API?

2009-08-18 Thread Ryan Sarver

Andrew,

Thanks for bumping this up to us. Can you please also provide some
additional data to us (as much as you can) so we can help figure out
what is going on and where it is coming from?

1. The IP of the machine making requests to the Twitter API. If you're
behind NAT, please be sure to send us your *external* IP.
2. The IP address of the machine you're contacting in the Twitter
cluster. You can find this on UNIX machines via the "host" or
"nslookup" commands, and on Windows machines via the "nslookup"
command.
3. The Twitter API URL (method) you're requesting and any other
details about the request (GET vs. POST, parameters, headers, etc.).
4. Your host operating system, browser (including version), relevant
cookies, and any other pertinent information about your environment.
5. What kind of network connection you have and from which provider,
and what kind of network connectivity devices you're using.

Thanks in advance. Best, Ryan

On Tue, Aug 18, 2009 at 7:37 AM, Andrew wrote:
>
> I get this response quite frequently:
>
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
>
> And other people are getting it as well (
> http://groups.google.com/group/twitter-development-talk/browse_thread/thread/acdcb4baf76037c8/e0ac9745e4c9bfe9?lnk=gst&q=refresh#e0ac9745e4c9bfe9
> ).
>
> What is the recommended way of handling this? I could do an immediate
> refresh and hope for the best, which is my initial thought. But the
> other question is, why is a request for JSON returning HTML?
>
> The request that seems to be the most problematic for me in this
> regard is:
> http://twitter.com/statuses/friends.json
>
> I am authenticating via OAuth and not using Curl.
>


[twitter-dev] Re: 401 Error, "could not authenticate you" problem

2009-08-18 Thread JDG
are you sure your encode method is correctly base64-encoding the
credentials?

On Tue, Aug 18, 2009 at 08:18, havis  wrote:

>
> Hello Adam, actually i am using basic authentication sending login and
> password as a header request:
>
>String url = "http://twitter.com/statuses/
> friends_timeline.xml 
> ";
>String credentials = "username:password";
>credentials = encode(credentials); // this
> method encode
> the login and password as base64
>HttpConnection con =
> (HttpConnection)Connector.open
> (url);
>con.setRequestProperty("Authorization", "Basic "
> +
> credentials);
>con.setRequestMethod("GET");
>con = (HttpConnection)Connector.open(url);
>InputStream is1 = con.openInputStream();
>showReply(con, is1); // This method displays in
> the
> screen the reply from twitter that i have showed before.
>is1.close();
>
> This source code is j2me, i have implemented a similar code in java
> and it works fine, no authentication problem but when i use the code
> above, there is always the authentication problem message. Any idea?
> thanks.
>
> On 17 ago, 22:46, Adam Shannon  wrote:
> > On Mon, Aug 17, 2009 at 9:42 PM, havis  wrote:
> >
> > > Hello, i am working on a project for mobile phones and Twitter API. I
> > > made tests using java platform and everything works ok, when i use the
> > > same credentials in j2me, there is always the following message as
> > > response:
> >
> > > 
> > > 
> > >  /statuses/friends_timeline.xml
> > >  Could not authenticate you.
> > > 
> >
> > > I am using basic authentication. Did you have this problem? Can
> > > anybody help me please? thanks in advance.
> >
> > Are you using this basic format?
> > http[s]://username:passw...@twitter.com/authenticate/
> >
> > --
> > - Adam Shannon (http://ashannon.us)
>



-- 
Internets. Serious business.


[twitter-dev] Re: Anyone Else Being Blocked Again? - Tuesday Aug 18

2009-08-18 Thread Ryan Sarver

Dewald,

When you see that kind of stuff crop up, can you please capture as
much information as you can including packet dumps, headers, etc so
that we can narrow down what might be the issue? There are lots of
moving parts and we need to know where to focus our efforts.

Thanks for keeping us updated. Best, Ryan

On Tue, Aug 18, 2009 at 6:37 AM, Dewald Pretorius wrote:
>
> At around 9:30 AM EST this morning I (tweetlater) got blocked yet
> again with connection refused. It appears to be on all calls.
>
> Anyone else?
>
> Dewald
>


[twitter-dev] Re: How are we supposed to be handeling HTML responses from the API?

2009-08-18 Thread Cameron Kaiser

> I get this response quite frequently:
> 
> 

[twitter-dev] How are we supposed to be handeling HTML responses from the API?

2009-08-18 Thread Andrew

I get this response quite frequently:












And other people are getting it as well (
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/acdcb4baf76037c8/e0ac9745e4c9bfe9?lnk=gst&q=refresh#e0ac9745e4c9bfe9
).

What is the recommended way of handling this? I could do an immediate
refresh and hope for the best, which is my initial thought. But the
other question is, why is a request for JSON returning HTML?

The request that seems to be the most problematic for me in this
regard is:
http://twitter.com/statuses/friends.json

I am authenticating via OAuth and not using Curl.


[twitter-dev] https on twimg.com?

2009-08-18 Thread Alex

Our app uses https during the user session and in order to prevent
errors in some browsers we must make sure that all files (including
images) are loading via https as well.

Up until now we were just taking the profile image URL and swapping
http for https in the URL, and everything worked fine. For example:
https://s3.amazonaws.com/twitter_production/profile_images/52714790/aj_normal.gif

However I am noticing that as profile images get migrated to twimg.com
the SSL is no longer working, and as a result we are not able to load
the images for those users.

For example, @garyvee's profile image is:
http://a3.twimg.com/profile_images/333261519/twitterProfilePhoto_normal.jpg

But it will not load if we request:
https://a3.twimg.com/profile_images/333261519/twitterProfilePhoto_normal.jpg

Do you have plans to support https requests on the twimg.com
subdomains?

Thanks.


[twitter-dev] Re: 401 Error, "could not authenticate you" problem

2009-08-18 Thread havis

Hello Adam, actually i am using basic authentication sending login and
password as a header request:

String url = "http://twitter.com/statuses/
friends_timeline.xml";
String credentials = "username:password";
credentials = encode(credentials); // this method 
encode
the login and password as base64
HttpConnection con = (HttpConnection)Connector.open
(url);
con.setRequestProperty("Authorization", "Basic " +
credentials);
con.setRequestMethod("GET");
con = (HttpConnection)Connector.open(url);
InputStream is1 = con.openInputStream();
showReply(con, is1); // This method displays in the
screen the reply from twitter that i have showed before.
is1.close();

This source code is j2me, i have implemented a similar code in java
and it works fine, no authentication problem but when i use the code
above, there is always the authentication problem message. Any idea?
thanks.

On 17 ago, 22:46, Adam Shannon  wrote:
> On Mon, Aug 17, 2009 at 9:42 PM, havis  wrote:
>
> > Hello, i am working on a project for mobile phones and Twitter API. I
> > made tests using java platform and everything works ok, when i use the
> > same credentials in j2me, there is always the following message as
> > response:
>
> > 
> > 
> >  /statuses/friends_timeline.xml
> >  Could not authenticate you.
> > 
>
> > I am using basic authentication. Did you have this problem? Can
> > anybody help me please? thanks in advance.
>
> Are you using this basic format?
> http[s]://username:passw...@twitter.com/authenticate/
>
> --
> - Adam Shannon (http://ashannon.us)


[twitter-dev] Re: Anyone Else Being Blocked Again? - Tuesday Aug 18

2009-08-18 Thread Dewald Pretorius

The API is again responding normally on my side as well. Must have
been a glitch in the matrix.

Dewald

On Aug 18, 10:41 am, Genevate  wrote:
> 9:40 and seems to now recovered.
> Chris-


[twitter-dev] Re: Anyone Else Being Blocked Again? - Tuesday Aug 18

2009-08-18 Thread Genevate

9:40 and seems to now recovered.
Chris-


On Aug 18, 9:37 am, Dewald Pretorius  wrote:
> At around 9:30 AM EST this morning I (tweetlater) got blocked yet
> again with connection refused. It appears to be on all calls.
>
> Anyone else?
>
> Dewald


[twitter-dev] Re: Anyone Else Being Blocked Again? - Tuesday Aug 18

2009-08-18 Thread Genevate

Yes, being blocked here also.
Chris-


On Aug 18, 9:37 am, Dewald Pretorius  wrote:
> At around 9:30 AM EST this morning I (tweetlater) got blocked yet
> again with connection refused. It appears to be on all calls.
>
> Anyone else?
>
> Dewald


[twitter-dev] Anyone Else Being Blocked Again? - Tuesday Aug 18

2009-08-18 Thread Dewald Pretorius

At around 9:30 AM EST this morning I (tweetlater) got blocked yet
again with connection refused. It appears to be on all calls.

Anyone else?

Dewald


[twitter-dev] Re: oAuth problem getting 401 on second request. shall we do something with oauth_token_secret?

2009-08-18 Thread guytom

OK, mistery resolved, we have to uri encode the signature.

For some reason Twitter behavior is inconsistent and sometimes it does
work without it that's what got us confused.


[twitter-dev] storing access tokens

2009-08-18 Thread AArruda

I'm developing a mobile app for Twitter and i am thinking about
storing the access tokens internally
so the user won't have to go through the whole web authentication
process every time the
program is used.

Is that a good practice, or are there any issues with this solution?

Thanks!


[twitter-dev] Re: 200 "errors"

2009-08-18 Thread Rich

I'm seeing this type of behaviour too and it's getting very
frustrating.

Basically I'm checking for status 200, then I'm checking for Content-
Type XML.  However from time to time I'm getting non XML back from
this function.

On Aug 9, 8:27 am, Chris Babcock  wrote:
> This is what the200response is looking like:
>
> [u...@cl-t090-563cl bin]$ time curl -Lsim 
> 10http://twitter.com/account/rate_limit_status.xml
> HTTP/1.0200OK
> Connection: Close
> Pragma: no-cache
> cache-control: no-cache
> Refresh: 0.1
> Content-Type: text/html; charset=iso-8859-1
>
>  "http://www.w3.org/TR/1999/REC-html401-19991224/strict.dtd";>
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
>
> real    0m0.100s
> user    0m0.002s
> sys     0m0.004s
> [u...@cl-t090-563cl bin]$ time curl -Lsim 
> 10http://twitter.com/account/rate_limit_status.xml
> HTTP/1.1200OK
> Date: Sun, 09 Aug 2009 07:17:05 GMT
> Server: hi
> Last-Modified: Sun, 09 Aug 2009 07:17:05 GMTStatus:200OK
> ETag: "d3498c2414150299df3cc1f6bb73b92c"
> Pragma: no-cache
> Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
> Content-Type: application/xml; charset=utf-8
> Content-Length: 302
> Expires: Tue, 31 Mar 1981 05:00:00 GMT
> X-Revision: 5a9a0d1ff0ba64c181510974278cfccc10e77d0b
> X-Transaction: 1249802225-83448-6420
> Set-Cookie: 
> _twitter_sess=BAh7BzoHaWQiJWVkNjk5Njk2YWNhNjQ3ZjgyOGQzNzdjNTAzMTE3ZjBmIgpm% 
> 250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdX 
> NlZHsA--639086f2287f85ef9e07f98d16adcce416b79e8d; domain=.twitter.com; path=/
> Vary: Accept-Encoding
> Connection: close
>
> 
> 
>   150
>   150
>   1249805825
>   2009-08-09T08:17:05+00:00
> 
>
> real    0m0.184s
> user    0m0.002s
> sys     0m0.003s
>
> In a browser that would be functionally the same as a 302, but I'mnot
> using a browser so the semantics are kind of important.
>
> It *seems* to happen whenever I hit the API with a cold request. Pure
> speculation. If I think of a way to test it, I will do so.
>
> Chris Babcock


[twitter-dev] oAuth suggestion

2009-08-18 Thread Rich

Firstly I use oAuth on my iPhone app because I like the concept but
there are problems with the oAuth pages using mobile devices, so here
are my suggestions to make the experience better

1) The page simply doesn't lend itself to a 320px wide screen.  How
about an auto-device detection similar to that used on the
search.twitter.com site?

2) The default button is deny rather than allow... so if you press the
keyboard 'DONE' button on the iPhone or hit the enter key on your
keyboard it submits the form with DENY rather than ALLOW.  This is
very frustrating to ask the user to then go re-send their oAuth
request because they've just used a keyboard shortcut rather than
clicked the Allow button.

What's everyone elses thoughts?


[twitter-dev] Re: Accessing Twitter API from UK

2009-08-18 Thread Goblin

There are location specific trend lists?

On Aug 18, 12:53 am, Carl  wrote:
> Hi there,
>
> I would like to lookup the top UK trends by accessing the twitter api
> from US, I don't see a locale parameter as part of the method, any
> pointers?
>
> Thanks


[twitter-dev] Re: oAuth problem getting 401 on second request. shall we do something with oauth_token_secret?

2009-08-18 Thread guytom

Thanks for that. It looked like its doing the job but then after doing
another one or two requests, similar to the one the worked they fail
(see below).
The strange thing is we do nothing different (besides the nonce and
timestamp of course).
Any ideas?

HTTP/1.1 401 Unauthorized
...


  /statuses/friends_timeline.xml?
oauth_consumer_key=THEKEY&oauth_nonce=63417705404234&oauth_signature_method=HMAC-
SHA1&oauth_timestamp=1250583404&oauth_token=SOMETOKEN&oauth_version=1.0&oauth_signature=THE
SIGNATURE
  Incorrect signature



On Aug 18, 1:38 am, "Brian Smith"  wrote:
> Guytom wrote:
> > One thing we don't understand and maybe causing the problem is what
> > should we do with the oauth_token_secret?
>
> http://oauth.net/core/1.0a#anchor15
>
> "... the key is the concatenated values ... of the Consumer Secret and Token
> Secret, separated by an '&' character (ASCII code 38) "
>
> - Brian


[twitter-dev] Re: My Issue with the ReTweet API and my solutions

2009-08-18 Thread Paul Kinlan
Weird - there was no emphasis intended on the favoriting as a first class
citizen paragraph - damn iphone :)

2009/8/18 Paul Kinlan 

> Hi zac,
>
> I dont think I said there is a decrease in usage just that it is developed
> by the community and as such may wane in popularity as another type of
> emergant mechanism takes it's place.
>
> I would argue that retweet should stay roughly as is and not be directly
> codified into the core architecture of Twitter as is currently being
> proposed.  I belive someone suggested a simple retweet of Id working the
> same way as replies and allowing you to enter your own comments along with
> it.
>
> The fact that there are three new views and that you can't modify a retweet
> smack of over complexity and a destruction of what makes Twitter the way it
> is - it's simplicity and I would go as far to say that it will abruptly stop
> emergant behaviour around rt.
>
> My other point generally is that this is very similar to the favoriting
> api apart from the injection into the users stream. I would love to see
> favoriting as a first class citizen.
>
> A reply and a favorite would work in a similar way to the new rt api if
> favorites were more public.
>
> The fact that retweet is part of the api and it means that if everyone
> doesn't flip over it means that the api isn't really working.
>
> One of the important things for a general user, is that they see tweets
> from people they follow as they are placing value and trust in knowing
> something is coming from one of the people they are following - they are not
> bothered that an external site can use the information or that a developer
> can do some funky stuff with the data.
>
> The other point is that is the problem the message stays intact - it only
> covers one portion of the case for retweeting.
>
> The final point I was making originally is that some sections of the
> community were less than pleased that they were losing credit for the
> original tweet (I have seen some bonkers arguments about the source of
> tweets) and the the retweeter was getting credit and not the retweetee.  The
> retweet api solves that problem, but it is in my opinion such an edge use
> case that it doesn't matter and copyright will protect you if you are
> actually that bothered about losing credit.
>
> I am not a fan of this api, but I can be convinced :) and from what I have
> been told the api is unlikely to change too much.
>
> Paul
>
> On 18 Aug 2009, at 00:32, Zac Bowling  wrote:
>
>
> I see value in a retweet API.
>
> I disagree on your first point. Retweets have been around for some
> time and still happen quite a bit. No decrease in usage. (its even
> showing in sites like mashables retweet button and
> http://iphone.tomtom.com/ (look at the share button)).
>
> The only issue I see is that not everyone will flip over to the new
> system immediately so it will not be fully adopted into the system and
> inconsistent across clients for a while.
>
> Point 3, no one says that you have to add support for it. However
> unifying the retweet functionality drastically simplifies consumption
> of retweets and outweighs any slight input requirements and an API
> complexity required for it.
>
> Point 4, I think you missing the point of how it would work
> internally. As I understand it, the original 140 char message stays
> intact.
>
> Point 5, I'm confused with what point you are trying to get across.
>
> Zac Bowling
>
>
>
> On Sat, Aug 15, 2009 at 2:00 AM, Paul Kinlan wrote:
>
> Hi Guys,
>
> When I saw the original message stating that the retweet API I was about to
>
> say straight away that I despise the idea, but I thought I would refrain -
>
> give it some thought. I still despise the idea and I have to make it known
>
> the reasons why I think it is a very very bad idea and in the long term
> will
>
> negatively affect Twitter as a communications platform for the future.
>
>
> You are embedding a user developed based meme into the Twitter
>
> infrastructure - the popularity of RT itself may wane after some point.
>
> Users are very fickle, they change their minds, take a stand and don't
>
> listen to them - you know your platform and I am pretty sure you know that
>
> this is a bit of a hack.  Let users use they system how they want, they
> will
>
> evolve how they use it, constraints via an API
>
>
> Twitter already has the capability to do smarter things
>
> that completely negate the need for this API if they just change the
> current
>
> API a little
>
>
> Not every app will use RT API (especially legacy ones) and not every user
>
> will use it and as such Twitter and this list will get lots of questions
> why
>
> certain RT's are accessible by the retweet API.  Again, RT's are a user
>
> concept, and is very easy for them not use.
>
> Whilst I use TweetDeck, I really dislike the amount of utility buttons it
>
> has and the amount of options it has - introducing another API for another
>
> function is tantamount to the same thing,