Hacker News new | ask | show | jobs
by rubyskills 5556 days ago
Wow, I didn't think about twitter's button. :-/ We use the twitter widget.. Do you know if the twitter js is behind a valid cert?
1 comments
rdin 5556 days ago
Unfortunately, it's been invalid for awhile. You can check it out for yourself here:

http://platform.twitter.com/widgets.js vs https://platform.twitter.com/widgets.js

link
rubyskills 5556 days ago
Drat! Someone over at twitter should fix this. :(

Luckily, we don't use that js, we use:

http://twitter.com/javascripts/blogger.js

and I just checked the certificate behind this and it's valid (I should hope twitter's main cert is valid!):

https://twitter.com/javascripts/blogger.js

and we use the json API:

http://api.twitter.com/statuses/user_timeline/healpay.json?c...

which also happens to have a valid cert:

https://api.twitter.com/statuses/user_timeline/healpay.json?...

So it looks like we're in the clear for this at least :)

link