Analysis of the "http://widgets.twimg.com/j/2/widget.js" File


#1

Hello,

I am the web content administrator over http://stthom.edu. We are currently in the process of working with the University IT department to get approval to use the Official Twitter Embed Widget found here: https://twitter.com/about/resources/widgets …on various University Offices & Departments that have their own Twitter accounts.

The University’s IT department has expressed some concerns about the Javascript file (http://widgets.twimg.com/j/2/widget.js) used to implement the widget in terms of what all the script does as well as any actions in may be taking on the Universities servers.


From UST’s IT Department:

If no other “simpler” version of an embed script can be found that we would be comfortable loading on our own servers then we can discuss utilizing the official twitter script as you’ve suggested, but in the interest of due diligence we ask that you try and identify an embed script / method that 1) does not link to an external JS/script or 2) we can get permission to load the script on our servers AND the script is relatively simple enough that we can be assured it’s not going to cause problems on our system.


I hope I’ve posted this in the right place to get some clarity from someone at Twitter and if not, can someone direct me to the proper channel to get this answered?

Thanks
WCA


#2

i wonder how a client-side script can cause any problem server-side… Scripts are loaded cross-domain and have no interaction at all with the server where it’s hosted. I think your IT department should relax a little.

If they don’t you can always program your own widget, it’s really easy, and if your IT department is comfortable with hosting JQuery, you could do it in 4 lines of code.


#3