[twitter-dev] Re: My Issue with the ReTweet API and my solutions
Will wrote: My mindset was that why hold back a feature that solves one problem just because it doesn't solve two. What I didn't take into consideration is that it creates another problem - disparate methods of retweeting because people will revert back to the old method of retweeting when they DO want to comment on the original tweet. That makes any method of aggregating retweets posted via the API method incomplete. That is a BIG minus. Almost big enough for me to switch sides on this issue. You're right on the mark with your comments. Nearly everyone in my Twitter social circle uses RT with added commentary. In most cases they truncate or abbreviate the original message to make room for their addition. A Retweet function without a text attribute is really surprising.
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
How about letting us know what the changes were...? Apparently I am one of the developers not correctly submitting signatures. I developed my code based on samples in your wiki, and have no clue what is broken with my authentication code (which has been working perfectly for some time.) On Jul 27, 7:59 pm, Doug Williams d...@twitter.com wrote: As stated above, some applications were sending invalid signatures which we were accepting as valid. This vulnerability was pointed out by a developer. Some libraries and code which may have previously worked may be broken by this security fix. Thanks, Doug On Mon, Jul 27, 2009 at 7:44 PM, Duane Roelands duane.roela...@gmail.comwrote: I am receiving 401 (Unauthorized) when calling http://twitter.com/statuses/update.xml and passing the following querystring: oauth_consumer_key=[removed] oauth_nonce=912352oauth_signature_method=HMAC- SHA1oauth_timestamp=1248748647oauth_token=19068738- hKO8qRlHPfJWqRHRkd62dGb4IiyXaXUy35Cqz58oauth_version=1.0status=This +is+a+testoauth_signature=Fl0kqJdHY5MkvxjUZQ%2bFn%2fxGORo%3d This code was working this afternoon and has not been changed. On Jul 27, 10:38 pm, goodtest goodtest...@gmail.com wrote: Are we sure there is no further regression bug in this new fix? On Jul 27, 7:14 pm, Doug Williams d...@twitter.com wrote: If you are still seeing errors you should check your code to ensure that you are sending the correct signature. Thanks, Doug On Mon, Jul 27, 2009 at 7:10 PM, winrich winric...@gmail.com wrote: mine broke too. i wonder though, i'm using the oauth python libraries On Jul 27, 6:35 pm, chinaski007 chinaski...@gmail.com wrote: Doug: Does this mean that Marcel made a fix for this? Or rather that we should examine our code to find the culprit? Thanks, Peter Bray On Jul 27, 6:24 pm, Doug Williams d...@twitter.com wrote: Updating you guys on this problem. A bug was reported off list that informed us we were not always verifying signatures. Today we shipped a fix for this problem which ensures that we are correctly verifying signatures. If you are still seeing invalid signature errors you should examine your code and ensure you are correctly signing requests as per the spec. Thanks, Doug On Mon, Jul 27, 2009 at 6:05 PM, Doug Williams d...@twitter.com wrote: Marcel is shipping a fix for this as I type. Thanks, Doug 2009/7/27 João Pereira joaomiguel.pere...@gmail.com Same here. On Tue, Jul 28, 2009 at 1:26 AM, goodtest goodtest...@gmail.com wrote: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
No doubt. This is super frustrating. On Jul 27, 8:19 pm, kosso kos...@gmail.com wrote: agreed. please Twitter, tell us WHAT the fix required was. what should we look for. have you tested your 'fix' against all the code examples you link from the API pages? that would be nice. thx. I'm getting some posts through. some not. so something's still up/down On Jul 27, 8:04 pm, Duane Roelands duane.roela...@gmail.com wrote: You introduced a breaking change into the API with no warning and no help for developers as to the specifics of what we need to fix? Developers need better support than that. Is there some reason why posting updates to some accounts would work and posting to others would not? Using the same code, I'm able to post to my development test account but not to my personal account. On Jul 27, 10:59 pm, Doug Williams d...@twitter.com wrote: As stated above, some applications were sending invalid signatures which we were accepting as valid. This vulnerability was pointed out by a developer. Some libraries and code which may have previously worked may be broken by this security fix. Thanks, Doug On Mon, Jul 27, 2009 at 7:44 PM, Duane Roelands duane.roela...@gmail.comwrote: I am receiving 401 (Unauthorized) when calling http://twitter.com/statuses/update.xml and passing the following querystring: oauth_consumer_key=[removed] oauth_nonce=912352oauth_signature_method=HMAC- SHA1oauth_timestamp=1248748647oauth_token=19068738- hKO8qRlHPfJWqRHRkd62dGb4IiyXaXUy35Cqz58oauth_version=1.0status=This +is+a+testoauth_signature=Fl0kqJdHY5MkvxjUZQ%2bFn%2fxGORo%3d This code was working this afternoon and has not been changed. On Jul 27, 10:38 pm, goodtest goodtest...@gmail.com wrote: Are we sure there is no further regression bug in this new fix? On Jul 27, 7:14 pm, Doug Williams d...@twitter.com wrote: If you are still seeing errors you should check your code to ensure that you are sending the correct signature. Thanks, Doug On Mon, Jul 27, 2009 at 7:10 PM, winrich winric...@gmail.com wrote: mine broke too. i wonder though, i'm using the oauth python libraries On Jul 27, 6:35 pm, chinaski007 chinaski...@gmail.com wrote: Doug: Does this mean that Marcel made a fix for this? Or rather that we should examine our code to find the culprit? Thanks, Peter Bray On Jul 27, 6:24 pm, Doug Williams d...@twitter.com wrote: Updating you guys on this problem. A bug was reported off list that informed us we were not always verifying signatures. Today we shipped a fix for this problem which ensures that we are correctly verifying signatures. If you are still seeing invalid signature errors you should examine your code and ensure you are correctly signing requests as per the spec. Thanks, Doug On Mon, Jul 27, 2009 at 6:05 PM, Doug Williams d...@twitter.com wrote: Marcel is shipping a fix for this as I type. Thanks, Doug 2009/7/27 João Pereira joaomiguel.pere...@gmail.com Same here. On Tue, Jul 28, 2009 at 1:26 AM, goodtest goodtest...@gmail.com wrote: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst