使用JavaScript与Twitter的API
我感兴趣的是使用Adobe AIR的Twitter的客户端,但我有点坚持,现在,我想不出更好的方式来连接到Twitter的REST API,因为它需要认证。
I'm interested in making a twitter client using Adobe Air, but I'm kinda stuck right now, as I can't figure out a better way to connect to the twitter REST API since it needs authentication.
目前,客户端发送请求到服务器(使用卷曲PHP脚本)的Twitter用户名/密码(未加密)的GET变量。然后,服务器发出一个请求使用这些凭证到Twitter和输出缓冲器,其被发送回客户端,其随后处理/显示它。
Currently, the client sends a request to my server (a php script using curl) with the twitter username/password (unencrypted) in GET variables. The server then makes a request to twitter using those credentials and outputs the buffer, which gets sent back to the client, which then processes/displays it.
这显然是一个可怕的安全漏洞,所以没有人知道这样做的更好(更安全)的方式?
This obviously is a horrendous security hole, so does anyone know of a better (more secure) way of doing it?
供参考:我使用jQuery
FYI: I'm using jQuery.
有几个base64编码工具,在那里。你可以使用其中之一。您可以添加基于基本验证规范
There are a few Base64 Encoding tools out there. You can use one of them. You can add a header with the encoded username and password based on the Basic Auth specs
下面是一个职位,不正是你想要的。 http://www.aswinanand.com/blog/2009/01/http-basic-authentication-using-ajax/.基于64位的EN codeD利用 ostermiller.org
Here is a post that does exactly what you want. http://www.aswinanand.com/blog/2009/01/http-basic-authentication-using-ajax/. The base64 is encoded using this library from ostermiller.org
$.ajax({
'url': 'http://twitter.com/action/',
'otherSettings': 'othervalues',
'beforeSend': function(xhr) {
xhr.setRequestHeader("Authorization", "Basic " + encodeBase64(username + ":" + password)
},
sucess: function(result) {
alert('done');
}
});