[twitter-dev] Re: Why is Basic Auth still enabled on some sources?
Well, finding your site SuperTweet.net today was a great find for me! So I hope it doesn't go away any time soon. And I will be donating to your cause shortly. I updated my perl code using Net::Twitter to do oAuth - but it didn't work right. That's because Net::Twitter has 12+ perl module dependencies, so I couldn't get the simplest thing to work: a status update. The other stuff works ok, though. And then I found SuperTweet.net, and now status updates are a piece of cake! Thanks for making the site and the service. Much appreciated. David On Sep 14, 2:40 pm, Mr Blog mrblogdot...@gmail.com wrote: I would love to see Twitter implement essentially thehttp://SuperTweet.net approach, where I can set a separate password for use with Basic Auth credentials that do not use my real Twitter password and I can revoke or change that password independently of my real Twitter password. This would shut down thehttp://SuperTweet.netsite/service which would be fine by me (as the one who funds that service out of my own pocket). :) On Sep 13, 10:33 am, Jeff Gladnick jeff.gladn...@gmail.com wrote: There was a very easy solution, IMHO, to the basic auth issue that I am surprised twitter didn't consider. 1) Add a new field to user profile settings that is Allow basic authentication for API. Set this to be false by default for all users. You can even set a scary message here discouraging its use. 2) If you try to post to this account with basic auth, it just wont work, and will return a basic auth is disabled error. 3) Even basic users would be capable to switching this to true so their app would work. Its not too late twitter. On Sep 13, 10:07 am, isaiah isa...@mac.com wrote: The bonus is that it's a way to still use plain old curl for testing. Awesome! On Sep 13, 9:21 am, Dewald Pretorius dpr...@gmail.com wrote: They must have known that this was going to be discovered. We're developers. We like building, testing, and breaking stuff. Unequal applications of the rules. Happens all the time. Months after you've disabled something at the request of Twitter, you find well- known services that do exactly the same thing with apparent impunity in a much worse form than you did. On Sep 13, 10:40 am, funkatron funkat...@gmail.com wrote: Read on this post:http://blog.nelhage.com/2010/09/dear-twitter/ Tested just now:http://gist.github.com/577273 If I pass source=twitterandroid, it appears to work on all API methods. In light of basic auth being disabled, why does this work? -- Ed Finklerhttp://funkatron.com @funkatron AIM: funka7ron / ICQ: 3922133 / XMPP:funkat...@gmail.com -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Re: Why is Basic Auth still enabled on some sources?
* sftriman dal...@gmail.com [100930 13:38]: Well, finding your site SuperTweet.net today was a great find for me! So I hope it doesn't go away any time soon. And I will be donating to your cause shortly. I updated my perl code using Net::Twitter to do oAuth - but it didn't work right. That's because Net::Twitter has 12+ perl module dependencies, so I couldn't get the simplest thing to work: a status update. The other stuff works ok, though. And then I found SuperTweet.net, and now status updates are a piece of cake! Thanks for making the site and the service. Much appreciated. You might give Net::Twitter::Lite a try. Very few dependencies and supports the same core feature set. -Marc -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: Why is Basic Auth still enabled on some sources?
I appreciate the response, Ryan. I'll say that it's a bummer to find out about this in that way. Twitter made a big deal about how Basic Auth was being shut off, so finding out that there were exceptions like this is confusing and disconcerting. No matter the intent, it is hard to feel respected when you discover this kind of thing. In the end, whether that matters is up to Twitter (as an entity, not the individuals who work there, to whom I'm sure it does matter). -- Ed Finkler http://funkatron.com @funkatron AIM: funka7ron / ICQ: 3922133 / XMPP:funkat...@gmail.com On Sep 14, 12:09 pm, Ryan Sarver rsar...@twitter.com wrote: Ed, As part of the migration we worked with many developers to help them with the transition and some of them, including our own Android app, had some extenuating circumstances that made them unable to make the date. For those few exceptions and extreme cases we granted them a stay of execution as long as they provided a reasonable timeline to make the transition. It pained us to do it for one of our own applications, but I'll give you some detail to help you understand why we needed to. And to be clear, we did this for a number of non-Twitter applications as well if we deemed their situation to be one that needed the stay as well. In the end all of the apps that got the stay were mobile apps that were unable to flash new versions out to devices on their own schedule and that includes the Android app on a number of devices. We have a hard shut-off date from Google which is only a few weeks away and from every other app that was given an exemption. Rest assured that EVERY app will be moved over in a timely fashion, so using their keys will only give you a short window to continue to use Basic Auth. When looking at all the possible options and scenarios, we think this was the right decision in order to move the entire ecosystem over to the new authentication model while also being reasonable when we needed to be. Best, Ryan On Mon, Sep 13, 2010 at 1:40 PM, funkatron funkat...@gmail.com wrote: Read on this post:http://blog.nelhage.com/2010/09/dear-twitter/ Tested just now:http://gist.github.com/577273 If I pass source=twitterandroid, it appears to work on all API methods. In light of basic auth being disabled, why does this work? -- Ed Finkler http://funkatron.com @funkatron AIM: funka7ron / ICQ: 3922133 / XMPP:funkat...@gmail.comxmpp%3afunkat...@gmail.com -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Why is Basic Auth still enabled on some sources?
They must have known that this was going to be discovered. We're developers. We like building, testing, and breaking stuff. Unequal applications of the rules. Happens all the time. Months after you've disabled something at the request of Twitter, you find well- known services that do exactly the same thing with apparent impunity in a much worse form than you did. On Sep 13, 10:40 am, funkatron funkat...@gmail.com wrote: Read on this post:http://blog.nelhage.com/2010/09/dear-twitter/ Tested just now:http://gist.github.com/577273 If I pass source=twitterandroid, it appears to work on all API methods. In light of basic auth being disabled, why does this work? -- Ed Finklerhttp://funkatron.com @funkatron AIM: funka7ron / ICQ: 3922133 / XMPP:funkat...@gmail.com -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Why is Basic Auth still enabled on some sources?
The bonus is that it's a way to still use plain old curl for testing. Awesome! On Sep 13, 9:21 am, Dewald Pretorius dpr...@gmail.com wrote: They must have known that this was going to be discovered. We're developers. We like building, testing, and breaking stuff. Unequal applications of the rules. Happens all the time. Months after you've disabled something at the request of Twitter, you find well- known services that do exactly the same thing with apparent impunity in a much worse form than you did. On Sep 13, 10:40 am, funkatron funkat...@gmail.com wrote: Read on this post:http://blog.nelhage.com/2010/09/dear-twitter/ Tested just now:http://gist.github.com/577273 If I pass source=twitterandroid, it appears to work on all API methods. In light of basic auth being disabled, why does this work? -- Ed Finklerhttp://funkatron.com @funkatron AIM: funka7ron / ICQ: 3922133 / XMPP:funkat...@gmail.com -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Why is Basic Auth still enabled on some sources?
There was a very easy solution, IMHO, to the basic auth issue that I am surprised twitter didn't consider. 1) Add a new field to user profile settings that is Allow basic authentication for API. Set this to be false by default for all users. You can even set a scary message here discouraging its use. 2) If you try to post to this account with basic auth, it just wont work, and will return a basic auth is disabled error. 3) Even basic users would be capable to switching this to true so their app would work. Its not too late twitter. On Sep 13, 10:07 am, isaiah isa...@mac.com wrote: The bonus is that it's a way to still use plain old curl for testing. Awesome! On Sep 13, 9:21 am, Dewald Pretorius dpr...@gmail.com wrote: They must have known that this was going to be discovered. We're developers. We like building, testing, and breaking stuff. Unequal applications of the rules. Happens all the time. Months after you've disabled something at the request of Twitter, you find well- known services that do exactly the same thing with apparent impunity in a much worse form than you did. On Sep 13, 10:40 am, funkatron funkat...@gmail.com wrote: Read on this post:http://blog.nelhage.com/2010/09/dear-twitter/ Tested just now:http://gist.github.com/577273 If I pass source=twitterandroid, it appears to work on all API methods. In light of basic auth being disabled, why does this work? -- Ed Finklerhttp://funkatron.com @funkatron AIM: funka7ron / ICQ: 3922133 / XMPP:funkat...@gmail.com -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en