OAuth so Awful!

24 Apr 2009
In the space of a fortnight, Twitter has suffered two nasty vulnerabilities that allow unauthorised account access. First it was a user's ability to maliciously insert JavaScript into their profile. Now it is OAuth, an open user authentication protocol used by a fair few sites, including Twitter.

Here is Twitter's official announcement of the issue.

Here is the Google Groups discussion.

