ABSTRACT

The purpose of this chapter is to introduce code that safely and securely retrieves and displays data from the Twitter service. There are two aspects to this process. The first is the more obvious one: treating the returned data as untrusted, even when it comes from a trusted source. The second is calling the service securely. This step is commonly overlooked, and its omission is known as a security downgrade, a problem discussed in AJAX Security (Hoffman and Sullivan 2007). The term captures the fact that while a user may log in securely, subsequent data requests are often fetched insecurely, either over clear-text connections or over encrypted connections whose certificates are never verified, which compromises security, trust, and data integrity. A user has the reasonable expectation that security is enforced across the entire communication chain. It is the responsibility of the developer to meet that expectation.
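The two concerns named in the abstract can be made concrete in a few lines. The following is an added example, not code from the chapter or from the Twitter client it describes: it refuses any follow-up request that would downgrade the connection (a non-TLS scheme, or a TLS connection without certificate and hostname verification) and escapes the returned text before it is rendered. The host allow-list, the endpoint path and the sample tweet text are constructed for the example; only the Python standard library is used.

```python
import html
import ssl
import urllib.request
from urllib.parse import urlparse

# Hosts the client is permitted to fetch from. An assumption for this example;
# a real client would load this from its configuration.
ALLOWED_HOSTS = {"api.twitter.com"}


class SecurityDowngradeError(Exception):
    """Raised when a request would fall below the security level of the login."""


def is_secure_url(url: str) -> bool:
    """True only for an https:// URL to an allowed host.

    Rejecting everything else up front means a later data request can never
    silently fall back to clear text, regardless of how the URL was built.
    """
    parts = urlparse(url)
    return parts.scheme == "https" and parts.hostname in ALLOWED_HOSTS


def check_request_url(url: str) -> str:
    """Return the URL unchanged if it is safe to fetch, otherwise raise."""
    if not is_secure_url(url):
        raise SecurityDowngradeError(f"refusing downgraded request to {url!r}")
    return url


def make_verifying_context() -> ssl.SSLContext:
    """TLS context that verifies both the server certificate and its hostname.

    ssl.create_default_context() already sets CERT_REQUIRED and
    check_hostname=True; the checks below make that intent explicit so a
    later edit cannot quietly relax it into a 'non-verified encrypted call'.
    """
    ctx = ssl.create_default_context()
    if ctx.verify_mode != ssl.CERT_REQUIRED or not ctx.check_hostname:
        raise SecurityDowngradeError("TLS context does not verify the peer")
    return ctx


def fetch_secure(url: str, timeout: float = 10.0) -> bytes:
    """Fetch the URL over verified HTTPS only.

    This performs a network call and is not exercised offline; the policy it
    enforces lives in check_request_url() and make_verifying_context().
    """
    safe_url = check_request_url(url)
    opener = urllib.request.build_opener(
        urllib.request.HTTPSHandler(context=make_verifying_context())
    )
    with opener.open(safe_url, timeout=timeout) as resp:
        return resp.read()


def render_tweet_html(text: str) -> str:
    """Treat tweet text as untrusted: escape it before placing it in HTML.

    quote=True also escapes double and single quotes, so the text is safe
    inside attribute values as well as element content.
    """
    return '<p class="tweet">' + html.escape(text, quote=True) + "</p>"


if __name__ == "__main__":
    # Constructed inputs: one acceptable URL, two that would downgrade the
    # connection, and a tweet containing markup that must not be rendered live.
    for candidate in (
        "https://api.twitter.com/example/timeline",   # constructed path
        "http://api.twitter.com/example/timeline",    # clear text: rejected
        "https://evil.example/example/timeline",      # wrong host: rejected
    ):
        print(f"{candidate}: secure={is_secure_url(candidate)}")
    print(render_tweet_html('<script>alert("hi")</script>'))
```

The scheme check and the verifying context are kept in separate functions on purpose: the first catches downgrades introduced by whoever assembles the URL, the second catches downgrades introduced by whoever configures the transport, and neither can be bypassed by the other.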