Question

88

Using javascript with the twitter API

rated 0 times [ 89] [ 1] / answers: 1 / hits: 15690 / 15 Years ago, sun, march 22, 2009, 12:00:00

I'm interested in making a twitter client using Adobe Air, but I'm kinda stuck right now, as I can't figure out a better way to connect to the twitter REST API since it needs authentication.

Currently, the client sends a request to my server (a php script using curl) with the twitter username/password (unencrypted) in GET variables. The server then makes a request to twitter using those credentials and outputs the buffer, which gets sent back to the client, which then processes/displays it.

This obviously is a horrendous security hole, so does anyone know of a better (more secure) way of doing it?

FYI: I'm using jQuery.

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

darennevina

Add To Favorites

Follow

Total Points: 422

Total Questions: 128

Total Answers: 105

Location: Comoros

Member since Tue, Mar 14, 2023

1 Year ago

answered 15 Years ago malkajillc · Accepted Answer

There are a few Base64 Encoding tools out there. You can use one of them. You can add a header with the encoded username and password based on the Basic Auth specs

Here is a post that does exactly what you want. http://www.aswinanand.com/blog/2009/01/http-basic-authentication-using-ajax/. The base64 is encoded using this library from ostermiller.org

$.ajax({    

  'url': 'http://twitter.com/action/',

  'otherSettings': 'othervalues',

  'beforeSend': function(xhr) {

    xhr.setRequestHeader(Authorization, Basic   + 

                          encodeBase64(username + : + password));

  },

  sucess: function(result) {

   alert('done');

  }

});