Let's bring the discussion on the update to the new thread:
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/2d68c74567bc9809
Thanks,
Doug
On Mon, Jul 20, 2009 at 10:08 PM, Doug Williams wrote:
> Martin,
> The change certainly went out prematurely which is admitte
Martin,
The change certainly went out prematurely which is admittedly a
mistake on our end. I will have details tomorrow morning to share
about our fix.
Thanks,
Doug
On Mon, Jul 20, 2009 at 7:45 PM, Martin Omander wrote:
>
> Doug,
>
> Thanks for letting us know about the new request limit. I
Doug,
Thanks for letting us know about the new request limit. I was worried
something was wrong on my side. Like the others are saying; it would
have been nice with a heads-up.
Cheers,
/Martin
Great news Doug!! It certainly has its shortcomings as it stands
now. I did change some of my code to limit its use, but I still need
to ensure my logged in users have maintained their connection.
We are going to roll this change back and re-evaluate how we can
better accomplish our goals. There are problems and shortcomings of
this strategy that we need to mitigate.
I will update this thread when we have a concrete plan to share. I do
not have a definite date or time for the rollback but
I agree Jesse. I don't see why this should be imposed on OAuth apps.
It's not likely somebody is going to guess both the token and the
token secret.
The problem is so long as they are complaining on some of our apps they are
complaining on all our apps and there's no way of telling which app caused
it. In addition, it would be nice if OAuth-authorized apps were exempt from
this limit. Stopping a potential cracker is as simple as turning off t
Doug, I would also like to know if this can be changed to trigger only
on incorrect credentials. I check to make sure a user hasn't
deactivated my app connection every time they load a page, so these 15
calls gets used up rather quickly. I've started to get some
complaints due to this error and
On Mon, Jul 20, 2009 at 1:23 PM, Doug Williams wrote:
> If you feel that 15 requests per hour per user is too low, please
> help us update this policy and share details of your use case.
One use-case where I can see this being a bottleneck is testing new
apps during development (especially OAuth
Thanks Doug. I'm anxiously looking forward to the answer to that question -
it will make things much better for those of us running scripts on the
backend who want to verify when our users have changed their passwords with
Twitter so we can notify them to change with us as well.
I understand this w
All,
This change was thrown out on the pipeline rather quickly. We admittedly
should have done a better job voicing this rollout well in advance though it
was not a normal week at HQ for a number of very public and private reasons.
Users are now limited to 15 calls to account/verify_credentials pe
Yeah, to tell you the truth the no notice thing has completely ruined my
weekend trying to re-factor broken production code thanks to this.
Jesse
On Sat, Jul 18, 2009 at 4:46 AM, Swaroop wrote:
>
> This is occurring with OAuth as well. verify_credentials is now being
> limited to 15 calls/hour.
yeah, its being limited even when i call it with a valid OAuth sig.
On Jul 18, 11:39 am, Chad Etzel wrote:
> Can someone verify if it is being limited even if the credentials are
> *correct*?
> -Chad
>
> On Sat, Jul 18, 2009 at 4:46 AM, Swaroop wrote:
>
> > This is occurring with OAuth as well
Can someone verify if it is being limited even if the credentials are *correct*?
-Chad
On Sat, Jul 18, 2009 at 4:46 AM, Swaroop wrote:
>
> This is occurring with OAuth as well. verify_credentials is now being
> limited to 15 calls/hour. I really wish they had informed us in
> advance, at least no
This is occurring with OAuth as well. verify_credentials is now being
limited to 15 calls/hour. I really wish they had informed us in
advance, at least not a day before weekend.
On Jul 18, 11:07 am, Jesse Stay wrote:
> I asked the same thing of Alex - waiting to hear back. This method is still
>
I asked the same thing of Alex - waiting to hear back. This method is still
very useful for verifying users haven't changed their passwords since the
last time the script was run. Also, in Alex's own words, OAuth isn't ready
for production yet, last I heard so probably shouldn't go that route eith
I can see why this api should be limited, but it seems (from the
outside, I'm sure maybe there are other reasons) like if the
credentials are correct, it shouldn't count against the limit. Only
limit if the attempts are bad (someone is fishing).
J.D.
> are you calling the verify credentials call? they started limiting
> that call to 15 requests per hour due to an attack vulnerability.
Ah yes, as a matter of fact I am. I was calling it each time my
application started, I'll refactor that. Thanks!
J.D.
Me too. I think more developers need to know about this - I see many
complaints of "password issues" on Twitter search recently.
Jesse
On Fri, Jul 17, 2009 at 10:17 PM, winrich wrote:
>
> are you calling the verify credentials call? they started limiting
> that call to 15 requests per hour due t
are you calling the verify credentials call? they started limiting
that call to 15 requests per hour due to an attack vulnerability. I
started getting that error today too.
On Jul 17, 4:03 pm, "J.D." wrote:
> Today I started getting this error, even only after a handful of API
> calls. Is this a
Regarding a sleep between calls, until someone from Twitter pipes in it
would be worth a use case test, yes.
On Fri, Jul 17, 2009 at 1:38 PM, J.D. wrote:
>
> WRT the sleep, I've never had to in the past. It just started failing.
>
>
--
Kevin Mesiab
CEO, Mesiab Labs L.L.C.
http://twitter.com/k
WRT the sleep, I've never had to in the past. It just started failing.
Hi Kevin,
It's downloading info for a social graph (all the users followers), so
fairly quickly. Do I need to add a sleep between calls to statuses/
followers?
J.D.
How quickly are the 30-40 calls issued?
On Fri, Jul 17, 2009 at 1:03 PM, J.D. wrote:
>
> Today I started getting this error, even only after a handful of API
> calls. Is this a new change? I've tested with two accounts, one that
> is whitelisted and another that is not. I'm getting this from bot
24 matches
Mail list logo