In fact, you could set a threshold per consumer key that you can vary. In other words, you can then allow a higher percentage XAuth (even 100%) to an app that caters largely to a Chinese market. And 0% or 10% to an app that caters largely to the USA market.
On Apr 26, 9:43 am, Dewald Pretorius <dpr...@gmail.com> wrote: > I know it's a compromise. But, it does serve the needs of a very large > number of users. > > Maybe you could monitor the authentication profile of a web app. If it > uses more XAuth than OAuth, then you know you need to contact the > owner. Or, you can set an automated percentage threshold, such as > "XAuth authentications from a particular consumer key cannot exceed > 25% of all authentications from that key." > > On Apr 26, 9:36 am, Raffi Krikorian <ra...@twitter.com> wrote: > > > > > > One solution, which I know won't win the popularity prize, is for > > > Twitter to relax its XAuth restrictions and allow web apps to use full > > > OAuth and/or XAuth, depending on what works best for them. > > > > In my case, I will still use full OAuth because it's so much better > > > than dealing with Twitter credential issues. But, I will add a small > > > link below the Twitter authorize button on my site that says something > > > like, "Can't get to Twitter.com?" which then leads to a username- > > > password entry form, and then triggers an XAuth authorization. > > > unfortunately, this defeats the purpose of oauth :( > > >http://mehack.com/xauth-and-perhaps-the-need-for-socializing-ap > > > -- > > Raffi Krikorian > > Twitter Platform Teamhttp://twitter.com/raffi > > > -- > > Subscription > > settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
