naim
#1
When using oEmbed, please retain the original text in the tweet.
Today, any url’s text would be replaced with a t.co shortened link, while I understand Twitter does analytics - It could also do so by only replacing the href in the link.
I believe that such a change would be really useful because if a Tweet says microsoft.com's server is down and it would render as t.co/blablabla's server is down - it would only confuse people and wouldn’t make any sense.
Not sure what you mean but just now i tried to do it through https://publish.twitter.com/# and the result is not t.co that is displayed but the original url
naim
#3
I’m referring to the oEmbed endpoint that’s used by static site generators, or forums such as this one…
There’s a oEmbed compatible oEmbed API that responds with an html tag that doesn’t contain the original text.
The following command:
curl -s --request GET --url 'https://publish.twitter.com/oembed?omit_script=1&dnt=1&url=https%3A%2F%2Ftwitter.com%2Fnaim94a%2Fstatus%2F1339324931092459523' | jq -r .html
Will return this:
<blockquote class="twitter-tweet" data-dnt="true">
<p lang="en" dir="ltr">
Now that someone else released a POC of IDA Pro's Lumina server, there's no point to keep my server's sources private anymore.<br><br>The code behind
<a href="https://t.co/8i0INv2iYE">https://t.co/8i0INv2iYE</a>
can be found here:
<a href="https://t.co/bGatHlxfW5">https://t.co/bGatHlxfW5</a>
</p>— Naim A. (@naim94a) <a href="https://twitter.com/naim94a/status/1339324931092459523?ref_src=twsrc%5Etfw">December 16, 2020</a>
</blockquote>
The two links in the tweet do not contain the original text…
The shortened URL returned is the actual Tweet text, that is stored in the Twitter API / backend, so this is the correct behaviour. In addition, the oEmbed endpoint is specifically for embedding the Tweet for display, with the Twitter widget JS.
If you need the complete Tweet text and entities, you would use the v2 Tweet lookup API, which includes the unwound URL in the entities.
2 Likes
naim
#5
I understand that this is the current intended behavior, I just don’t understand why…
- Websites with a CSP headers should/may prevent foreign scripts from executing.
- Browsers (like Edge) with “strict tracking prevention” enabled, would specifically block Twitter’s widget script.
- Something close to the original text could be obtained by following the
t.co in the Tweet without API access or rate limiting, similar to the oEmbed API - So, It’s not like Twitter is leaking more information than the already non rate-limited and non API-access-protected endpoint.
Wouldn’t it make more sense to include the original Tweet’s text in the link, especially if dnt is set?
So if the scripts are blocked, then the Tweet cannot be embedded anyway. I’m not clear what the use case you are describing is? The oEmbed endpoint is designed to serve up embeddable Tweets for web display.
naim
#7
The use case I’m describing is primarily static site generators (I personally use Hugo) that use the value of “html” from the returned oEmbed object while generating the website (no scripts required, the above html would literally be pasted into a blogpost).
In this use case the content is embedded at build time/once on the server side, instead of on the client side (with CSP/content blockers).
1 Like
@naim unfortunately oEmbed API is meant to be used together with the client-side embeds library widgets.js. We understand that the SSG use case is not well supported at the moment. Could you provide an example of what Tweets look like when embedded in your site so that we can forward this to our product team?
3 Likes
naim
#9
Sure,
this is how a tweet looks when https://platform.twitter.com/widgets.js fails to load:
thank you for the screenshot. To clarify is this site static or does it load https://platform.twitter.com/widgets.js? Also it would be helpful to see the entire page to better understand the use case.
system
closed
#11
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
