1

I found on Assembla's webhook tool possibility to integrate with twitter. To do this assembla uses such url:

http://username:password@twitter.com/statuses/update.xml

How twitter handles that kind of URL? Is this some standard? Does it require some special logic to perform login when someone POST data for URL with username:password? How can it be done in some web frameworks like RoR or Django?

Is this type of passing authentication data secure? (looks like not but maybe I'm missing something)

dzida
  • 8,854
  • 2
  • 36
  • 57
  • 2
    no point in even trying to master basic auth with twitter. it will be disabled 08.16.2010 http://www.countdowntooauth.com/ – Jayrox Jun 30 '10 at 12:15

2 Answers2

1

Its called Basic Authentication, supported by all the major browsers. It's also very insecure using HTTP. Here is a link to a Django implementation that adds Basic Auth to its security authentication chain. link

EDIT: Basic Auth is considered secure when using HTTPS but has other issues, it is the lowest common denominator when it comes to authentication but not ideal in a lot of situations.

Community
  • 1
  • 1
ebt
  • 1,358
  • 1
  • 13
  • 18
0

Should be parsed as a basic http authentication

Fredrik Leijon
  • 2,792
  • 18
  • 20