blaine's dashboard

blaine shared an idea in Foodzie on October 14, 2009 17:28:

International Support

I'd like to buy local products in the UK, and I'm sure others would like to do so in other parts of the world. Right now it doesn't look like foodzie supports those of us in the Not-US.

A comment on the problem "I can't claim my talk / speaker profile because I created an account through the "normal" flow." in Pointless Corp.:

Thanks!

It's probably worthwhile adding a check to ensure that if a logged-in user tries to sign-up with a claim link they've already used or otherwise claim a speaker/talk, they should be informed that it's already happened. I just got a standard sign-up form, which was pretty confusing. – blaine, on February 12, 2009 11:21

blaine marked one of M. Jackson Wilkinson's replies in Pointless Corp. as useful. M. Jackson Wilkinson replied to the problem "I can't claim my talk / speaker profile because I created an account through the "normal" flow.".

blaine reported a problem in Pointless Corp. on February 11, 2009 19:09:

I can't claim my talk / speaker profile because I created an account through the "normal" flow.

Is there a way to claim a talk and have it associated with a pre-existing account?

blaine replied on August 11, 2008 20:07 to the problem "I get a server error when trying to add myself as an employee" in Get Satisfaction:

Thanks! Y'all rock!

blaine marked one of Cameron Walters' replies in Get Satisfaction as useful. Cameron Walters replied to the problem "I get a server error when trying to add myself as an employee".

blaine replied on August 11, 2008 16:21 to the question "How to normalize request including GET params and XML body?" in OAuth:

This question was posted a long time ago, but I'll clarify here in case anyone has the same question.

OAuth only signs x-www-url-form-encoded parameters; if you have a "Content-type:" that is different than that (e.g., "application/xml"), then it won't be signed.

The reason it was built that way is that different body types might have different requirements for canonicalisation, and we couldn't hope to specify all of those approaches.

If you're not worried about man-in-the-middle attacks, you don't need to worry about it --- OAuth will just handle the authorization part of the request, and won't guarantee the consistency of the data.

If you are worried about the consistency of the data, and have a way to hash your XML, you can include a "regular" HTTP parameter (x-www-url-form-encoded) that *will* get signed whose value is the signature of the XML. On the server side, you can check that the value of that parameter is equal to the hash of the XML that you received.

Alternatively, you can just use SSL to ensure that the XML isn't modified in transit.

blaine reported a problem in Get Satisfaction on August 11, 2008 16:07:

I get a server error when trying to add myself as an employee

Hallo!

I tried adding myself as an employee of OAuth, and just get a server error (going from http://getsatisfaction.com/oauth/claim to http://getsatisfaction.com/oauth/clai... )

blaine replied on August 11, 2008 15:59 to the question "Can OAuth be used for file upload?" in OAuth:

The spec only specifies signing x-www-url-form-encoded parameters, so multi-part file uploads won't be included in the signature. It sounds like for what you want, the existing libraries will do the trick.

--- You're done unless... ---

If you *do* want to sign the file upload at some later date, the way we generally agree it should be done is:

- Specify a form parameter in your API that gets submitted along with your file upload.
- The value of that parameter should be a hash of the file being uploaded.
- That parameter will be signed along with the other parameters, so when the upload comes in, the server can re-create the hash of the file and verify that it matches the value of the parameter.
- If you also include the file size as a separate parameter, and verify that the size of the uploaded file matches the size specified in the parameters, you can be (reasonably) sure that the file hasn't been modified to exploit weaknesses in the hashing algorithm you're using.

blaine started following the problem "Web not posting tweets from people I follow" in Twitter.

blaine set one of blaine's replies as an official response to "US International number?" in Twitter

blaine replied on March 05, 2008 03:26 to the question "US International number?" in Twitter:

Sorry, we don't - we'd love to have one, but it's actually against FCC regulations in the US!

blaine set one of blaine's replies as an official response to "wont to love" in Twitter

blaine replied on March 05, 2008 03:23 to the question "wont to love" in Twitter:

Love is all you need!

blaine set one of blaine's replies as an official response to "Created new account before deleting old one. Now I dont get Twitts. Help!!" in Twitter

blaine replied on March 05, 2008 03:20 to the question "Created new account before deleting old one. Now I dont get Twitts. Help!!" in Twitter:

Is this still happening? Your account looks fine now, but it's been a few days so maybe you figured it out in the meantime. If so, could you post what you did to fix it? If not, I'll definitely dig deeper to see if I can find the problem.

Sorry it took so long to get back to you!

blaine set one of blaine's replies as an official response to "Is it possible to add multiple mobile devices?" in Twitter

blaine replied on March 05, 2008 03:11 to the question "Is it possible to add multiple mobile devices?" in Twitter:

Sorry, we don't support multiple devices of the same type right now; we'd really like to add support, but it'll probably be a while. Things get complicated (which phone do we send to, etc) and we want to make sure that everything makes sense.

In the meantime, feel free to set up multiple Twitter accounts - I know it doesn't solve the problem entirely, but it might help!

blaine set one of blaine's replies as an official response to "Twitter on Livejournal IM is stalking me O_O" in Twitter

blaine replied on March 05, 2008 03:09 to the question "Twitter on Livejournal IM is stalking me O_O" in Twitter:

Your LiveJournal buddy list is maintained by LiveJournal, and if the Twitter bot is showing up as online, it means they're asking us on your behalf (we don't / can't push our presence into your buddy list).

If you let me know what your LJTalk ID is, I can try to tell our server to tell them to stop showing you the Twitter bot. It sounds like a bug on the LJ side, so it might be worthwhile contacting them, too.