by: Zach

Fri, 21 Mar 2008 06:26:05 +0000

Flickr also went through some of the same issues way back… which is why their API endpoint is api.flickr.com, and they moved the crossdomain to that domain and removed it from flickr.com. other APIs do OAuth and use yahooapis.com as the API end-point.

The sad part is that adobe will be further tightening the security in Flash in their next update. But, remember you can always use a server-side proxy ;)

by: Robert

Tue, 18 Mar 2008 14:44:03 +0000

One of the suggestions from that link, interesting.
1. Move the Twitter API to api.twitter.com. Use the completely permissive crossdomain.xml on api.twitter.com.
2. Stop supporting HTTP Basic auth. on api.twitter.com. Implement OAuth or some other kind of auth. token system.
3. Require non-public API requests to include a valid user auth. token.

Comments on: Twitter kills flash apps

by: Zach

by: Robert