Alex, sorry, I must be missing something pretty fundamental here, and
I don't mean to go in circles at all, but there's something I don't
understand and I'm hoping you can clarify:
I don't expect the API to support cookie auth - which is fine and what
you've said. However, I also don't expect the API to react
differently when the user is logged in or not - and you've said
yourself that the API doesn't "no concept of "logged in" or "logged
out" - but my test absolutely contradict that (see the curl examples
I appreciate you're a busy chap who probably gets inundated with
random questions, but if I want to pull this API call via a JSONP
request, it reacts differently depending whether the visitor (and
therefore the requestee) is logged in or not.
I understand that you're saying the request doesn't support cookies
for auth, and I understand that you're saying that the API *should*
know nothing about any authorised sessions. However, it the visitor
is doing a JSONP call to your API, whilst logged in - it's ask for
auth details. If they're not logged in, and perform a JSONP call, it
*doesn't* ask for details.
Can you clarify.
Many thanks - and thanks again for the great work.
On Feb 2, 7:17 pm, Alex Payne <a...@twitter.com
> We don't support session cookies as an authentication mechanism.
> On Mon, Feb 2, 2009 at 06:59, Remy Sharp <r...@leftlogic.com
> > That may be so, but the API is *definitely* giving me a different
> > response when I'm logged in.
> > I've just tried the url on curl and this *works* - i.e. full response:
> > curlhttp://twitter.com/favorites/rem.json