Welcome to WebmasterWorld Guest from

Forum Moderators: open

Message Too Old, No Replies

Yahoo API OAuth Potential Security Issue

4:51 pm on Apr 23, 2009 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
votes: 612

Yahoo API OAuth Potential Security Issue [developer.yahoo.net]
As you may know, several Yahoo! APIs use OAuth, an open standard that lets users give a service permission to access the information they’ve stored with a third-party website without exposing their password and account information. The Yahoo! APIs that leverage OAuth include our Y!OS Social Directory, Contacts, Status, and Updates APIs, as well as Fire Eagle.

Recently, the folks at OAuth let us know about a potential security issue within the protocol. At Yahoo! we take the security and privacy of our users very seriously, and so for the time being we’ve disabled the ability for users to authorize new applications via OAuth. Applications that have already been authorized will not be affected.

We recognize the impact this has on you as developers and appreciate your patience. We’re continuing to evaluate the best way to move forward and are actively working with the OAuth community to resolve the issue.

10:21 pm on Apr 23, 2009 (gmt 0)

Preferred Member

10+ Year Member

joined:Dec 5, 2002
votes: 0

And this is why Twitter also disabled it?

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members