Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
339 views
in Technique[技术] by (71.8m points)

php - Using javascript with the twitter API

I'm interested in making a twitter client using Adobe Air, but I'm kinda stuck right now, as I can't figure out a better way to connect to the twitter REST API since it needs authentication.

Currently, the client sends a request to my server (a php script using curl) with the twitter username/password (unencrypted) in GET variables. The server then makes a request to twitter using those credentials and outputs the buffer, which gets sent back to the client, which then processes/displays it.

This obviously is a horrendous security hole, so does anyone know of a better (more secure) way of doing it?

FYI: I'm using jQuery.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

There are a few Base64 Encoding tools out there. You can use one of them. You can add a header with the encoded username and password based on the Basic Auth specs

Here is a post that does exactly what you want. http://www.aswinanand.com/blog/2009/01/http-basic-authentication-using-ajax/. The base64 is encoded using this library from ostermiller.org

$.ajax({    
  'url': 'http://twitter.com/action/',
  'otherSettings': 'othervalues',
  'beforeSend': function(xhr) {
    xhr.setRequestHeader("Authorization", "Basic  " + 
                          encodeBase64(username + ":" + password));
  },
  sucess: function(result) {
   alert('done');
  }
});

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

1.4m articles

1.4m replys

5 comments

57.0k users

...