开发者

Hotlinking Twitter avatar images?

开发者 https://www.devze.com 2022-12-19 06:38 出处:网络
The Twitter API returns this value for the Twitter account \'image_url\': http://a1.twimg.com/profile_images/75075164/twitter_bird_profile_bigger.png

The Twitter API returns this value for the Twitter account 'image_url': http://a1.twimg.com/profile_images/75075164/twitter_bird_profile_bigger.png

In my Twitter client webapp, I am considering hotlinking the HTTPS version of avatars which is hosted on Amazon S3 : https://s3.amazonaws.com/twitter_production/profile_images/75075164/twitter_bird_profile_bigger.png

Any best practices which would discourage me from doing this ? Do 3rd party Twitter client applications typically host their own copies of avatars ?

EDIT: To clarify, I need to use HTTPS for images because my webapp will use a HTTPS connection and I don't want my users to get security warnings from their browser about the page containing some content which is not authenticated. For example, Firefox is known to complain about mixed http/https content.

My problem is to figure out whether or not hotlinking the https URLs is forbidden by Twitter, since these URLs are not "public" from their API. I g开发者_运维百科ot them by analyzing their web client HTML source when connected to my Twitter account in HTTPS.


Are you thinking of storing the image URL in your application or retrieving it for the user as it is required?

If its the latter option then I don't see an issue with hot-linking the images. If you are storing the location of the image url in your own system then I see you having broken links whenever the images change (I'm sure they will change the URLs at some point in the future).

Edit

Ok, now i see your dilemma. I've looked through the API docs and there doesnt seem to be too much in terms of being able to get images served in HTTPS or getting the URL of the Amazon S3 image. You could possibly write a handler on your own server that would essentially cache & re-serve the HTTP image as HTTPS however thats a bit of un-neccesary load on your servers. Short of that I haven't come across a better solution. GL


the things seems updated since that.

Please check: https://dev.twitter.com/docs/user-profile-images-and-banners

The SSL-enabled path template for a profile image is indicated in the profile_image_url_https. The table above demonstrates how to apply the same variant selection techniques to SSL-based images.


Why would you want to copy the image to your own webspace? This will increase your bandwidth cost and you get cache consistency issues.

Use the URL that the API gives you.

I can see that you may want to cache the URL that the API returns for some time in order to reduce the amount of API calls.

If you are writing something like an iPhone app, it makes sense to cache the image locally (on the phone), in order to avoid web traffic altogether, but replacing one URL with another URL should not make a difference (assuming that the Twitter image server works reliably).

Why do you want HTTPS?

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号