You don't need to use Twitter's JS to show Tweets. If you choose to use their system, you're subject to their rules. If you don't like their rules, don't use their stuff.
Calling it "altering the public record" is a little hyperbolic imo. If you want to act as a repository for the public record, you better use your own system. Twitter is under no obligation to retain this kind of stuff on your behalf.
I'm not trying to say that this is right or wrong, just that these are the facts of the matter when you engage with a company's code and terms of service.
> Twitter is under no obligation to retain this kind of stuff on your behalf.
They declared something worked one way then silently changed how that thing works without properly announcing the change first and giving people enough time to adapt. Would you still be willing to make these excuses if your emails provider decided to do the same thing?
Even if it's their system, there's a limit where people would rightfully start to object.
"If you want to act as a repository for the public record, you better use your own system."
I deliberately chose Twitter's JavaScript because I inspected the design of how it worked and saw that they had deliberately built it in a way that would respect my preferences for how deletion should be handled.
They've changed that on me - without even announcing the change. This is a rug-pull.
Now I have to replace their code with my own implementation, and they've hurt my trust.
It is entertaining to watch the waves of opinion crash against each other when things happen that people don't like. The cognitive dissonance must must a deafening roar. On one hand, people get miffed when twitter changes their JS to block out quotes of deleted tweets, citing an alteration of the public record. On the other hand, people argue that twitter is not a "public square" and can do what they want with the content and users of their platform.
There's always a few that posts like this. Yes Twitter has a legal right to do stuff like this but can YOU separate what Twitter is legally allowed to do from what is the right thing to do? What's wrong with criticizing a particular policy from a corporate behemoth?
If they want to change this, they can have a new version of the widgets script that makes it clear that it will edit your site, and switch to that in future embed links from the site. Changing the existing one is leaving holes all over the web. Buzzfeed is decimated.
> I'm not trying to say that this is right or wrong
Why are you not, though? I feel like we have been so co-opted by the system that we forgot we are allowed to criticize it. A giant company with billions of dollars should not be given get out of moral jail free cards. They should absolutely be held to higher standards because of all the power they wield.
I think this is a little unexpected though since "you" are still hosting the text of the tweet on your site and publishing it to your visitors but also with a Twitter script that hides it.
I agreed with this several years ago, but I’m not sure any more. Software networks are very different than other things humans have had in the past. They are inherently winner take all and give the owner/creator unprecedented power over users that creators in past generations could only have dreamed of. I wonder if software companies should have some restrictions to make up for this
I see so many people here arguing that by embedding javascript directly from Twitter, you are accepting whatever they choose to make that javascript do. While that is true to an extent, Twitter has provided documentation for this javascript that says that if the Tweet gets deleted, the javascript will simply stop styling your quote of the tweet that you have on your website.
By changing the behavior of the javascript, without even updating the documentation, Twitter has broken every rule of being a good distributor of third-party code. In a similar vein, any third party code could at any time do any number of malicious things. Just because I didn't pay Twitter for the privilege of running their code and just because I embedded their code in my website does not make it okay for them to start distributing malware to modify my website to their liking.
There are lots of other malicious things Twitter could have the javascript do. Twitter could start showing ads before and after all quoted tweets. This would also conflict with the documentation and would be malicious.
"Twitter has broken every rule of being a good distributor of third-party code." Yes, and you've broken every rule of common sense by thinking that their goals are your goals and they have any interest in being a 'good' anything besides profitable. You are embedding code from a a money making bot. To expect them to host deleted tweets forever as some public record is absurd.
Functionality aside embedding random scripts from twitter seems like a big risk for security and privacy.
At a minimum, it should probably be embedded in a sandboxed iframe.
Just taking a screenshot, and linking to the tweet, seems like a more robust solution, that won't randomly stop working, and doesn't have the same privacy issues.
"Functionality aside embedding random scripts from twitter seems like a big risk for security and privacy."
When I started blogging again, I wanted to render my Twitter feed on the homepage, as a sort of bitesize alternative to the regular content, but I too have a deep aversion to allowing external scripts on my websites. So I added some code to my Hugo theme that pulls the tweets from my profile via the Twitter API and renders them statically.
Totally agree. I wonder if this is by-design. Lots of companies would love to have control of a javascript snippet operating on the worlds biggest websites.
> Just taking a screenshot, and linking to the tweet, seems like a more robust solution, that won't randomly stop working, and doesn't have the same privacy issues.
How long until people realize sites like Twitter are actively hostile, and embedding their scripts is equivalent to letting the Trojan horse through your gates?
Why not just copy paste or screenshot the Tweet? It's bizarre to reference a script from twitter.com directly in your site's source code and then complain that the script is doing exactly what it is supposed to.
- copy paste the content of the tweet - meta data is lost (date and time, author, obv it is possible to copy paste the text and add links to original tweet and link to an author;
- screenshot - now you dont have to add custom styles, meta data exists, but it is not usable - you can make is to click on tweet will open a tweet, but click on tweet author will open authors profile. Also screenreaders and bots - they dont parse text from images and it is harder to make images work on smaller screens.
The solution is not as simple as - ctrl+c ctrl+v text or screenshot and call it a day.
You need to consider that content will be interactive (all links should work) and accessible (for screenreaders and mobile).
___
So it is understandable why low effort approach with embedded scripts, but less secure is more popular than high effort most likely not completely working, but more secure approach.
The better way would be to use twitter api and render tweets with your own styles. Safe, accessible, interactive.
Aesthetics and familiarity? It's a lot nicer to link the user's name directly to their profile, and the date directly to their tweet on Twitter as opposed to having a separately link or whatnot. For many, especially your average Joe/Jane, will expect the aforementioned behaviour.
The problem here is that you are erasing history. Imagine someone going into the town square and yelling something profane. That can never be unheard, people will never forget. There will be record of it. Twitter is the only authority that can validate that a tweet actually happened. All other archival services can be considered questionable and easily manipulated (albeit unlikely).
Because if it's just a screenshot or your own copy/paste, I have no reason to believe it's real. The only hint of authenticity is that it's served from twitter.com. The fact that there's no way to prove a tweet even happened after it was deleted or account banned seems like a problem to me.
Non-standard doesn't mean improper. It's still valid English. Just because some people are too lazy to type or comprehend an apostrophe in the word "it's" to signify "it is" doesn't mean that the rest of us have to follow their lazy example.
Oh, this is the missing piece! It seems I'm blocking Twitter's JS if it's not on their site. I didn't even realise and I was confused about what the author meant as I could clearly see the tweet on their site.
I was so confused when the article said "See? If I embed this tweet, you can't see it" but it was there to me (since Twitter JS is blocked by at least two extensions in my browser). Thank you for pointing that out!
It's a shame there's no better way to preserve a tweet than taking a screenshot -- there's no way to prove that an individual said something, save for perhaps trusting the record on archive.org
It doesn't have to be this way. Either the individual or the platform could cryptographically sign content to prove that it really happened. I guess Twitter would prefer a plausible deniability. If anyone screenshots you saying something you regret, you can just say it was forged.
I've never had my name dragged through the mud on twitter or anything but I'm super glad knowing that if I do make a mistake I can delete it rather than having it immortalised on the internet to be used as a weapon against me forever.
Twitter itself can always prove an individual user said something. I assume they never actually delete any tweet from their system, so a proper law enforcement request can require them to verify that a particular tweet actually did originate from a handle at such and such a time & IP.
Isn't this the way the internet is supposed to work? If I link to a page and the page is removed, it'll not show, right? Same thing if I were to add that page as an iframe on my site.
So, IMHO, the title and the post doesn't make any sense. Twitter isn't editing anyone's site. You have chosen to embed some content of Twitter on yours and it is perfectly fine if they chose to remove it.
If you link to a page, whatever text you put in as the body of the link will remain. The link itself won't go anywhere, but the content you have added to it will remain. In this case, it's as if the link text also vanished when the target page vanishes.
That would be an interesting solution to link rot, admittedly - lots of older pages which are just empty lists formerly containing links to now defunct websites!
Right, but it was not added as an iframe, it was added with the actual content along with the script. So it's kind of like the iframe reaching out and deleting the surrounding conversation about that link once the page goes offline, if iframes could do such a thing.
> Isn't this the way the internet is supposed to work? If I link to a page and the page is removed, it'll not show, right? Same thing if I were to add that page as an iframe on my site.
hmm. Personally i think when u delete a tweet, you should not be able to embed it. If you changed your mind about a tweet, you should be able to decouple it from your account. If people want to refer to tweets, how about a screenshot? It's safer, faster and cant 404 when twitter is down.
And i think the whole "they edited my page" statement is ridiculous. You EMBED a part of twitter into your page. You know it can change. If you embed a youtube video, and the owner deletes it, it wont play anymore. obviously.
True of course, you pretty much hand them the key to your house to do as they please. I remember defunct banner ad services redirecting all pages with banners on them.
The problem is real tho. You casually publish 1-3 things per day. After 20 years you have many thousands of pages that slowly rot away. You could monitor them and delete the articles but that doesn't always work. A tweet and a 5 second video in the middle of a lengthy article don't render the article useless. It becomes something like old paper publications citing lists of unobtainable things.
Read the post - previously deleted tweets showed the blockquote fallback. Now they get a useless injected blank iframe, removing the blockquote from the dom.
> Malware (a portmanteau for malicious software) is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive users access to information or which unknowingly interferes with the user's computer security and privacy.
This script distributed by twitter is software intentionally designed to cause a disruption to a server and to deprive users access to information.
Well, any third-party script that you embed on your website can edit your site and do many other nefarious things (key logging, credential stealing, ...). I never got how people can just copy/paste some random JS into their own websites (often without even using integrity tags). Social embeds in particular have turned the web into a surveillance machine for large corporations, as every FB/Twitter/Instagram/... embed tracks users across every web property that has such an embed, and until very recently almost every major website had such embeds.
Luckily GDPR seems to have a chilling effect on recklessly embedding such stuff without thinking about privacy or security implications. Personally I hope that in a few years third-party embeds will mostly be a thing of the past.
We used to have this concept in software engineering, called
"coupling". Dependency or independence of each module greatly
determines the quality and reliability of the overall system.
Generally, too much coupling is bad. But you can also use
inappropriate coupling, where even a little is bad. This is an
example of inappropriate "external control coupling" (where js code is
being chenged remotely - am I wrong?) arising where light
data coupling (where data only is pulled in) is required.
The "web" has been going to hell in this way for a decade at least,
because it ceased to have boundaries. Without boundaries there cannot
be responsibility. Widespread introduction of JavaScript created a
quite different kind of technology from the WWW in which concepts of
client-browser and document-server made any sense.
Minus any reliability/security it can't be considered safe for
delivery of important materials now. If even the site owner can't
trust what you see on a site that's bad (though as people point out,
we've had this even since banner ads) But it's why I think the future
of critical "information services" (as opposed to e-commerce / social
media) is on something like Gemini.
You have to have some level of trust - our ASP.net website loads quite a few Nuget packages we regularly keep up to date. Theoretically any of them say Stripe or Paypal could add nefarious code into our site to steal a bunch of stuff - there's no practical way for us to review the source code before updating.
For Javascript if you're paranoid you can add the `integrity` attribute, and most of the time you can self host the JS although all of these come with maintenance commitments.
I think it's reasonable if you trust the source (Twitter for example) to embed their third party code.
Don't like the "Twitter Edits You" title of the article. Sensationalist/misleading.
Tweet embeds are a live link to the Twitter system to show a tweet. To show the actual tweet from the Twitter platform. If the tweet doesn't exist, there's nothing to show. No one said it should maintain some kind of 'copy' of old data on your site.
I am not particularly upset by this. You choose to embed JavaScript that interoperates with your website to make tweets look like Twitter … Twitter has decided that deleted tweets look like nothing now … that’s what you wanted.
Apparently the “contract” that Twitter would preserve the text of a deleted tweet was a tweet from some random employee.
This seems to me like an improvement for systems that don't have blockquotes in their embedding source (previously the behavior was that if there was no HTML inside the embedding element there was no fallback at all and it was just an empty element) that was an accidental regression.
I hope they add a simple check if the element has children or not to fix the regression, but I work on an app where some sort of fallback UI for deleted Tweets is a welcome change, even if "blank Tweet card" isn't a huge improvement, it's still a small win to get some hard-to-fix-on-our-side UI complaints off the backlog.
Disclaimer: I'm not a web developer nor a journalist/blogger, whatever.
My non-expert, likely useless, take on this:
Don't use Twitter's technology. If you're interested in quoting a tweet to create a public take a screenshot, copy of the text, quote it and provide a link. Simple.
If part of your post links, or portals, to another site you don't control it's not part of your blog/post/site. Complaining when remote content changes is pointless. You're not capturing what was when you link to remote content managed by someone else you're capturing something live, it's not a public record. It isn't quoting anything.
The key is that they're not linking remote content – they copied the content of the tweets into their websites' code, and then used Twitter's JS to render it. I.e., it used to be a purely stylistic change.
All of a sudden, this very inert code has changed, without warning, to actually edit any websites using it to delete the text that they put there. I think many would consider this malware-adjacent, if it wasn't from such a large company.
Implicitly, when you quote a tweet you are agreeing to a contract of adhesion (basically a shrink wrap license or "by using this site you agree to our terms"). Twitter even told people that the quoted text would remain.
Now site ToS usually say that they can change the terms whenever they want. But that's going forward: something you wrote in the past should be under the contemporaneous terms.
So I wonder if someone could successfully sue under California law. If successful, it would be a great improvement to consumer rights.
> That widgets.js script looks for blockquotes with the class="twitter-tweet" on, and replaces them with a Twitter branded iframe to confirm that it is a real tweet
And that's how most libraries work? I don't see an issue. Yes, if you delete the tweet it seems they changed the behaviour (and that might be an actual bug) but still...
How are you supposed to prove the tweet actually happened if you just post a screenshot? It's trivial to forge a screenshot of a tweet to say whatever you want.
Why do you people even use Twitter? It's one giant pile of crappy content and dark ux patterns. What did you expect? That they'd play nice forever? Are you really new to this? Did your preschool not have a sandbox?
This is so stupid on twitter's part. It's obviously easy for publishers to work around by including both the blockquote of the tweet (unadorned), plus the version w/ the twitter embed class.
This is why I never use these iframe widgets. They are not only useless and untrustworthy, they are also damn slow. I take a screenshot of the tweet I want to reference, put it into a bucket behind a CDN and then embed an <img> of the tweet inside an <a> which links back to the tweet. If the tweet gets deleted then the link will break and users will see that the tweet was deleted, but my screenshot stored on my own servers will remain forever and my website will continue to make sense.
Own your data, own your blogs, own your words, own what you create/write/do on the web. Don't rely on third party services uphold a common sense contract or what most people would expect is the ethical/correct/good thing to do.
Unless you commit and are convicted of an actual crime with your tweet, nothing - absolutely nothing - should result in a blanket ban or deletion of your post. And no, insulting the embedded bloodsuckers that hold congress (and our lives) in an iron grip is not a crime.
We need to go back to the days when sticks and stones broke bones; when words were correctly not "violence" and that your right to not be insulted existed solely in that self-important (but empty) cavern between your ears.
why dont you just remove the javascript so they appear as blockquotes? seems a bit dramatic. dont think i would expect twitter to show deleted tweets in the first place, id probably just use a screenshot if its something that i think might be removed.
If permanency is a priority then letting external scripts be responsible for presenting content is not a good idea, especially if the agreement doesn't make any promises about whether content will be permanent, and doubly so if the agreement / terms of service explicitly say they can change the behaviour of their services at any time.
What this probably calls for and maybe something is out there is some service that can embed, archive, and track changes to a tweet or social media post. You'd embed the same way, but the archive will fetch and cache the content. It could then serve up the original version, as well as a timeline of changes.
The right to be forgotten has merit though, and I can see twitter's logic there and probably they're under pressure via GDPR or something. So any archival or cache service would need to take that into account. Various countries and districts have varying laws on what is and isn't official public record too, so it seems like managing that could be the function of a dedicated archival service.
The API contract laid out in their documentation. There’s a screenshot in the post right around there.
The API contract is:
> What happens when an author deletes their Tweet?
The Twitter widgets JavaScript will not display a fully-rendered Tweet if the Tweet no longer exists on Twitter. The fallback <blockquote> containing Tweet information will be visible on the page.
I've never understood why people even wanted to use this. For the styling? So you can just copy some random stuff from Twitter and it looks like Twitter but is also interactive?
Just with the Facebook like-Button, you're exposing your visitors to the tracking of Twitter.
For what? Just so you can quickly copy one snippet and be done with it, instead of manually copying author name, content and link and spending 10 seconds to format this yourself.
I wish I had something constructive to say, but this always seemed like a totally unnecessary "feature" with a lot of downsides. Instead of embedding 280 characters in your website you make it download an order of magnitude more from somewhere else and then execute code to display those characters in a way someone else deems appropriate.
I mean it's fairly easy to understand why people used this.
It's very convenient (just click share or use a WordPress widget to embed tweet), it always look pretty, and there are multiple actions available from the tweet: go to profile, reply, share ...
So more features for less time to set-up. This is a service like all other Service, you usually tradeoff something like privacy for convenience. Why use Dropbox when you can have your own NAS ?
One advantage I've seen people recently point out about using content transclusions in general (where the Twitter widget is an example of such), is that these provide some level of evidence that the transcluded content is really something that exists at the source. Screenshots and other "fetch and burn into the reciever" approaches can be fabricated very easily to create fake news; but it's a bit more of a technical challenge to fabricate a widget such that it appears to be pulling material from a source — especially if there's also a canonical deep-link back to said source embedded in it.
> For what? Just so you can quickly copy one snippet and be done with it, instead of manually copying author name, content and link and spending 10 seconds to format this yourself.
Unfortunately copyright law is not going to be happy with that one. [0] It's insanely complicated, but basically, as things are at the moment, the original poster has a right to retract the publication at any time. You may find yourself in legal hot water if your copy doesn't disappear at the same time as the original.
It is for a good reason. The original content of the tweet is preserved and not editorialized. Also Twitter has explicit rules around the display of tweets
The worst example being media organisations. Why would you cede any remaining semblance of journalistic authority by cheaply embedding tweets into a news article. Handpicked commentary from a narrow part of the internet does not constitute an expert opinion, nor does it lend you any credibility. If anything, it lets me know that I’m seeking news in the wrong place. The short term gains, if there are any real ones, seem to be obviously outweighed by the negative impacts to your reputation as a news organisation.
tofuahdude|3 years ago
Calling it "altering the public record" is a little hyperbolic imo. If you want to act as a repository for the public record, you better use your own system. Twitter is under no obligation to retain this kind of stuff on your behalf.
I'm not trying to say that this is right or wrong, just that these are the facts of the matter when you engage with a company's code and terms of service.
hda2|3 years ago
They declared something worked one way then silently changed how that thing works without properly announcing the change first and giving people enough time to adapt. Would you still be willing to make these excuses if your emails provider decided to do the same thing?
Even if it's their system, there's a limit where people would rightfully start to object.
simonw|3 years ago
I deliberately chose Twitter's JavaScript because I inspected the design of how it worked and saw that they had deliberately built it in a way that would respect my preferences for how deletion should be handled.
They've changed that on me - without even announcing the change. This is a rug-pull.
Now I have to replace their code with my own implementation, and they've hurt my trust.
theelous3|3 years ago
You have badly missed the most crucial message of the post.
When you copy the embed link, you are copying the string literal of the tweet too.
You put this text on your site. You are the one retaining it.
The twitter module is hiding the text from the rendered page, rather than loading the local copy.
batch12|3 years ago
Edit: clarified js change
macspoofing|3 years ago
epeus|3 years ago
newswasboring|3 years ago
Why are you not, though? I feel like we have been so co-opted by the system that we forgot we are allowed to criticize it. A giant company with billions of dollars should not be given get out of moral jail free cards. They should absolutely be held to higher standards because of all the power they wield.
sacrosancty|3 years ago
gentleman11|3 years ago
blendergeek|3 years ago
By changing the behavior of the javascript, without even updating the documentation, Twitter has broken every rule of being a good distributor of third-party code. In a similar vein, any third party code could at any time do any number of malicious things. Just because I didn't pay Twitter for the privilege of running their code and just because I embedded their code in my website does not make it okay for them to start distributing malware to modify my website to their liking.
There are lots of other malicious things Twitter could have the javascript do. Twitter could start showing ads before and after all quoted tweets. This would also conflict with the documentation and would be malicious.
mgamache|3 years ago
WatchDog|3 years ago
At a minimum, it should probably be embedded in a sandboxed iframe.
Just taking a screenshot, and linking to the tweet, seems like a more robust solution, that won't randomly stop working, and doesn't have the same privacy issues.
victorstanciu|3 years ago
When I started blogging again, I wanted to render my Twitter feed on the homepage, as a sort of bitesize alternative to the regular content, but I too have a deep aversion to allowing external scripts on my websites. So I added some code to my Hugo theme that pulls the tweets from my profile via the Twitter API and renders them statically.
PinguTS|3 years ago
jdrc|3 years ago
Closi|3 years ago
scim-knox-twox|3 years ago
And have none accessibility.
8n4vidtmkvmk|3 years ago
car_analogy|3 years ago
im3w1l|3 years ago
[deleted]
paxys|3 years ago
polydevil|3 years ago
- screenshot - now you dont have to add custom styles, meta data exists, but it is not usable - you can make is to click on tweet will open a tweet, but click on tweet author will open authors profile. Also screenreaders and bots - they dont parse text from images and it is harder to make images work on smaller screens.
The solution is not as simple as - ctrl+c ctrl+v text or screenshot and call it a day. You need to consider that content will be interactive (all links should work) and accessible (for screenreaders and mobile).
___
So it is understandable why low effort approach with embedded scripts, but less secure is more popular than high effort most likely not completely working, but more secure approach.
The better way would be to use twitter api and render tweets with your own styles. Safe, accessible, interactive.
lapser|3 years ago
deanc|3 years ago
jazzyjackson|3 years ago
riffic|3 years ago
An apostrophe as a possessive marker in its is nonstandard:
https://en.m.wiktionary.org/wiki/it%27s#Etymology_2
underdeserver|3 years ago
ghayes|3 years ago
dumpsterdiver|3 years ago
slater|3 years ago
https://i.imgur.com/cb5Lyd5.png
db48x|3 years ago
lapser|3 years ago
Hamcha|3 years ago
WrtCdEvrydy|3 years ago
jazzyjackson|3 years ago
It doesn't have to be this way. Either the individual or the platform could cryptographically sign content to prove that it really happened. I guess Twitter would prefer a plausible deniability. If anyone screenshots you saying something you regret, you can just say it was forged.
maccard|3 years ago
true_repairman|3 years ago
Santosh83|3 years ago
thunderbong|3 years ago
So, IMHO, the title and the post doesn't make any sense. Twitter isn't editing anyone's site. You have chosen to embed some content of Twitter on yours and it is perfectly fine if they chose to remove it.
mpettitt|3 years ago
That would be an interesting solution to link rot, admittedly - lots of older pages which are just empty lists formerly containing links to now defunct websites!
saagarjha|3 years ago
scim-knox-twox|3 years ago
But the link still will be on your site.
ki_|3 years ago
And i think the whole "they edited my page" statement is ridiculous. You EMBED a part of twitter into your page. You know it can change. If you embed a youtube video, and the owner deletes it, it wont play anymore. obviously.
6510|3 years ago
The problem is real tho. You casually publish 1-3 things per day. After 20 years you have many thousands of pages that slowly rot away. You could monitor them and delete the articles but that doesn't always work. A tweet and a 5 second video in the middle of a lengthy article don't render the article useless. It becomes something like old paper publications citing lists of unobtainable things.
unknown|3 years ago
[deleted]
epeus|3 years ago
oauea|3 years ago
Malware is defined by Wikipedia as:
> Malware (a portmanteau for malicious software) is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive users access to information or which unknowingly interferes with the user's computer security and privacy.
This script distributed by twitter is software intentionally designed to cause a disruption to a server and to deprive users access to information.
ThePhysicist|3 years ago
Luckily GDPR seems to have a chilling effect on recklessly embedding such stuff without thinking about privacy or security implications. Personally I hope that in a few years third-party embeds will mostly be a thing of the past.
nonrandomstring|3 years ago
The "web" has been going to hell in this way for a decade at least, because it ceased to have boundaries. Without boundaries there cannot be responsibility. Widespread introduction of JavaScript created a quite different kind of technology from the WWW in which concepts of client-browser and document-server made any sense.
Minus any reliability/security it can't be considered safe for delivery of important materials now. If even the site owner can't trust what you see on a site that's bad (though as people point out, we've had this even since banner ads) But it's why I think the future of critical "information services" (as opposed to e-commerce / social media) is on something like Gemini.
TomGullen|3 years ago
For Javascript if you're paranoid you can add the `integrity` attribute, and most of the time you can self host the JS although all of these come with maintenance commitments.
I think it's reasonable if you trust the source (Twitter for example) to embed their third party code.
ChrisArchitect|3 years ago
Tweet embeds are a live link to the Twitter system to show a tweet. To show the actual tweet from the Twitter platform. If the tweet doesn't exist, there's nothing to show. No one said it should maintain some kind of 'copy' of old data on your site.
epeus|3 years ago
taspeotis|3 years ago
Apparently the “contract” that Twitter would preserve the text of a deleted tweet was a tweet from some random employee.
epeus|3 years ago
WorldMaker|3 years ago
I hope they add a simple check if the element has children or not to fix the regression, but I work on an app where some sort of fallback UI for deleted Tweets is a welcome change, even if "blank Tweet card" isn't a huge improvement, it's still a small win to get some hard-to-fix-on-our-side UI complaints off the backlog.
account-5|3 years ago
My non-expert, likely useless, take on this:
Don't use Twitter's technology. If you're interested in quoting a tweet to create a public take a screenshot, copy of the text, quote it and provide a link. Simple.
If part of your post links, or portals, to another site you don't control it's not part of your blog/post/site. Complaining when remote content changes is pointless. You're not capturing what was when you link to remote content managed by someone else you're capturing something live, it's not a public record. It isn't quoting anything.
numeri|3 years ago
All of a sudden, this very inert code has changed, without warning, to actually edit any websites using it to delete the text that they put there. I think many would consider this malware-adjacent, if it wasn't from such a large company.
gumby|3 years ago
Now site ToS usually say that they can change the terms whenever they want. But that's going forward: something you wrote in the past should be under the contemporaneous terms.
So I wonder if someone could successfully sue under California law. If successful, it would be a great improvement to consumer rights.
bussetta|3 years ago
ethanwillis|3 years ago
raverbashing|3 years ago
(it is correct on the site itself)
> That widgets.js script looks for blockquotes with the class="twitter-tweet" on, and replaces them with a Twitter branded iframe to confirm that it is a real tweet
And that's how most libraries work? I don't see an issue. Yes, if you delete the tweet it seems they changed the behaviour (and that might be an actual bug) but still...
jdrc|3 years ago
maxloh|3 years ago
fay59|3 years ago
unknown|3 years ago
[deleted]
dheera|3 years ago
If you cared about JS injection why would you embed anything?!
jazzyjackson|3 years ago
throwuxiytayq|3 years ago
ec109685|3 years ago
End result will be much uglier pages.
dustinmoris|3 years ago
Own your data, own your blogs, own your words, own what you create/write/do on the web. Don't rely on third party services uphold a common sense contract or what most people would expect is the ethical/correct/good thing to do.
rini17|3 years ago
I can see the publishers unhappy and actively obstructing such a solution though.
tester89|3 years ago
jdrc|3 years ago
mlatu|3 years ago
maybe there should be an open and distributed ACTUAL public record? have we finally found an actual usecase for blockchains?
meatsauce|3 years ago
We need to go back to the days when sticks and stones broke bones; when words were correctly not "violence" and that your right to not be insulted existed solely in that self-important (but empty) cavern between your ears.
unknown|3 years ago
[deleted]
TomGullen|3 years ago
grey_earthling|3 years ago
iepathos|3 years ago
stingraycharles|3 years ago
joelhaasnoot|3 years ago
smokey_circles|3 years ago
Oh come off it already. What a remarkably brain dead opinion.
Twitter _is not a public utility_. It owes you _nothing_. Their property, their decision. That simple.
I do have an issue with the idea of their JS manipulating your own website but fuck off with this "Twitter is a public service" argument.
- They don't have to give you an account
- You are not entitled to make demands of them
- You can always use another service
Goddamned children. Enough already.
xigoi|3 years ago
peanut_worm|3 years ago
parksy|3 years ago
What this probably calls for and maybe something is out there is some service that can embed, archive, and track changes to a tweet or social media post. You'd embed the same way, but the archive will fetch and cache the content. It could then serve up the original version, as well as a timeline of changes.
The right to be forgotten has merit though, and I can see twitter's logic there and probably they're under pressure via GDPR or something. So any archival or cache service would need to take that into account. Various countries and districts have varying laws on what is and isn't official public record too, so it seems like managing that could be the function of a dedicated archival service.
unknown|3 years ago
[deleted]
unknown|3 years ago
[deleted]
vixen99|3 years ago
demarq|3 years ago
What contract?
renewiltord|3 years ago
The API contract is:
> What happens when an author deletes their Tweet? The Twitter widgets JavaScript will not display a fully-rendered Tweet if the Tweet no longer exists on Twitter. The fallback <blockquote> containing Tweet information will be visible on the page.
Cgwftsn|3 years ago
iforgotpassword|3 years ago
Just with the Facebook like-Button, you're exposing your visitors to the tracking of Twitter.
For what? Just so you can quickly copy one snippet and be done with it, instead of manually copying author name, content and link and spending 10 seconds to format this yourself.
I wish I had something constructive to say, but this always seemed like a totally unnecessary "feature" with a lot of downsides. Instead of embedding 280 characters in your website you make it download an order of magnitude more from somewhere else and then execute code to display those characters in a way someone else deems appropriate.
elcomet|3 years ago
It's very convenient (just click share or use a WordPress widget to embed tweet), it always look pretty, and there are multiple actions available from the tweet: go to profile, reply, share ...
So more features for less time to set-up. This is a service like all other Service, you usually tradeoff something like privacy for convenience. Why use Dropbox when you can have your own NAS ?
derefr|3 years ago
2muchcoffeeman|3 years ago
shakna|3 years ago
Unfortunately copyright law is not going to be happy with that one. [0] It's insanely complicated, but basically, as things are at the moment, the original poster has a right to retract the publication at any time. You may find yourself in legal hot water if your copy doesn't disappear at the same time as the original.
[0] https://australiacouncil.gov.au/workspace/uploads/files/soci...
hackernewds|3 years ago
sings|3 years ago
bussetta|3 years ago
Zardoz84|3 years ago
jazzyjackson|3 years ago