更清楚的權限說明和私隱控制從來都是好事
From the Twitter developer forum:
“In particular, users and developers have requested greater granularity for permission levels. In response to this feedback, we have created a new permission level for applications called “Read, Write & Direct Messages”. This permission will allow an application to read or delete a user’s direct messages.When we enforce this permission, applications without a “Read, Write & Direct Messages” token will be unable to read or delete direct messages. To ensure users know that an application is receiving access to their direct messages, we are also restricting this permission to the OAuth /authorize web flow only. This means applications which use xAuth and want to access direct messages must send a user through the full OAuth flow.”
由Twitter Revokes Automatic 3rd Party DM Access, Gives Users More Details On App Permissions.
更新:OAuth和xAuth兩者似乎還有很多問題要處理,特別是OAuth在
多用戶認證和第三方Twiitter Client的應用上,應該還有很大一段路要走。
