OpenSocial: JavaScript Code of Flixster on MySpace – Start Hacking!

App developers should be able to start working with this code to understand the OpenSocial API’s and begin getting their apps ready. Download the various JS files here: opensocial.zip.

Take a glance at the MySpace source code of the profile page here: opensocial-myspace.txt.

Subscribe to Steve Poland's blog by Email

Want to read more stuff by me? Here are some of my popular posts:

Read my other start-up related posts.

http://www.kiasworld.co.uk kiakanpa

Quick work will take a look
http://www.sitesays.com/?user=smitbones Matt Smith

Steve, where did you get these files?
http://www.vestedventures.com Steve Poland

http://www.myspace.com/aber — CTO, MySpace
http://www.selfdebugging.com/ Wal

I was looking for good examples. Thanks for the tip.
http://hyper.to/blog/ Miron C

A quick look at the JavaScript code shows that the client-side JavaScript is passing the user ID to the backend without any authentication. This means that it’s trivial to mess up anybody’s Flixter profile.

This seems to be a general issue with OpenSocial. Unlike Facebook, Opensocial seems to be missing user to app authentication. I wrote an article about it:

http://hyper.to/blog/link/opensocial-insecurity-no-user-to-app-authentication/

I hope that the Facebook version of Flixster does take advantage of
their authentication mechanism.
http://sandykadam.com sandy

above link for zip file is not working also txt file link not working. can u plz check if possible send by email

thanks

Steve Poland (@popo) is a serial entrepreneur and early TechCrunch writer that now invests in passionate people building tech products with personality.