Translate Ideas and Comments
Choose language:
There was an error during translation

Developers

Categories

JUMP TO ANOTHER FORUM

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Imagine the following attack for the OAuth 2.0 authorization flow:

    1. Attacker steals the authorization code from the redirect URI.
    2. Attacker forces his instance of the client to redeem the victim's authorization code.
    3. If the attacker's instance of the client is faster than the victim's instance of the client in redeeming the authorization code, the attacker will get a valid login session within his instance of the client, but for the victim's account.

    This attack should especially get attention in the context of Twitch and live streaming, since many streamers are definitely not aware of this vulnerability: If people are logging…

    16 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Investigating  ·  1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  2. https://dev.twitch.tv/docs/extensions/reference/#send-extension-pubsub-message

    The docs say Valid values: "broadcast", "global".

    But, the target 'whisper-opaqueId' to send "per user" pusub message is missing.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Investigating  ·  1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  3. The IRC gateway passes whispers using the WHISPER code:

    [16:36:15] [@] @badges=bits-charity/1;color=#3E2E18;display-name=foo;emotes=;message-id=2;thread-id=21001676_470220570;turbo=0;user-id=2109996;user-type= :foo!foo!foo.twitch.tv WHISPER myuser :this is a whisper
    

    But I am unable to find any reference to that code on https://dev.twitch.tv/docs/irc/commands where I would expect it, or any other documentation page under the "Chatbots and IRC" section.

    I would suggest adding the WHISPER command to the list of commands at the top of the page on the IRC: Commands section, something similar to:

    WHISPER Receive a Whisper message from another user

    and then the prototype at the bottom, to include the fact that it appears the WHISPER command is…

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Investigating  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  4. Could you please add documentation about how the chat filters feature in web chat is implemented? Other chat client could really benefit from filtering those messages or highlighting them for moderators as suspicious behavior.

    To pin point the exact feature I provided screenshots from the official web browser chat:
    - in action: https://i.imgur.com/CfzMx0z.png
    - and the associated settings: https://i.imgur.com/8dYADBk.png

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  5. From: https://github.com/twitchdev/issues/issues/25

    Brief description

    https://dev.twitch.tv/docs/pubsub#topics

    PubSub documentation mentions the requirement to use an oAuth token, but doesn't directly specify which type of token, nor the requirement for the UserID of the token to match the UserID of the topic.

    Authentication
    All topics require an OAuth token, but only some topics have a specific required scope (noted in the table below).
    
    Available Topics
    All topics require an OAuth token, but only some topics have a specific required scope (noted in the table).
    

    Expected documentation

    Authentication
    All topics require a User Access OAuth token, where the UserID of the token matches the
    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  6. 7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  7. Please host the example code in an official Twitch organization on GitHub such as:
    https://github.com/TwitchDev
    https://github.com/twitchtv

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Investigating  ·  1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  8. Both

    https://dev.twitch.tv/docs/api/reference#get-banned-events

    https://dev.twitch.tv/docs/api/reference#get-moderator-events

    Only hold only "data" for a finite time period.

    The documentation does not note the time period that data is retained and returned for.

    Hypetrains does not it's 5 days.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  9. https://dev.twitch.tv/docs/irc#overview

    Row:
    client.connect();

    Should be replaced with:
    client.connect().catch((err) => {console.log('Connection error!', err)});
    or smth like that.

    Let's show users how to write good code, and show them, that all Promises should be handled. Unhandled promise rejections is bad!

    Tmi.js Library also have connect example which contain promise handling

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  10. Step 2 is unclear or wrong.

    I'm unable to make it work only by changing the Client-ID, nor removing the Authentication headers.
    You should precise that both need to be changed. Or maybe the OAuth token should work, but it doesn't.

    Fix your documentation it's important for developers that everything written here is clear and easily understandable by anyone (or at least devs).

    I recommend you to make a full review of the entire documentation... (Get some newbie devs to test it, if they do not understand, it's not written correctly)

    Also I really encourage you to make some sample…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    In Progress  ·  1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  11. This should say a secure website is required. Took me 2 hours to figure out what was wrong.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  12. https://dev.twitch.tv/docs/pubsub

    Has no examples or documentation for payloads for chatmoderatoractions

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  13. From: https://github.com/twitchdev/issues/issues/68

    Docs location: https://dev.twitch.tv/docs/irc/msg-id

    bad_ban_global_mod & bad_timeout_global_mod are gone for as far as i know (ref: https://blog.twitch.tv/en/2018/12/13/thank-you-global-moderators-4d44cfccf22/)

    Missing notices for vip events (vip_success, unvip_success, no_vips, bad_vip_grantee_banned, bad_vip_grantee_already_vip, usage_vip & bad_unvip_grantee_not_vip Might have missed some.

    First line says "These tags apply to both the" and than only names one thing.

    usage_untimeout has "/raid <username>" in the message.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  14. So it seems that when a user is banned or timed out, extensions unload/are unavailable to those users.

    This is not documented.

    It should be documented somewhere

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  15. It should be more obvious that Twitch IRC: Commands needs the commands capability, Twitch IRC: Tags needs the tags capability, Membership page needs the membership capability.

    IE:

    Literally add a paragraph at the top to the effect of

    The Twitch IRC responses outlined on this page requires the connection to have requested the $whatever capability as outlined on the https://dev.twitch.tv/docs/irc/guide#twitch-irc-capabilities Capabilities section of the guide.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  16. Web chat users got access to the new "replies" feature, where you can mark your message to be a reply of another message.

    My suggestion is to add official documentation on how third parties can use this feature (for sending messages and for parsing received messages to be a reply)

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Investigating  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  17. 4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  18. The PRIVMSG Twitch Tags documententation

    https://dev.twitch.tv/docs/irc/tags#privmsg-twitch-tags

    says

        Information to replace text in the message with emote images. This can be empty. Syntax:
    <emote ID>:<first index>-<last index>,<another first index>-<another last index>/<another emote ID>:<first index>-<last index>...
    emote ID – The number to use in this URL:
    

    Due to channel point modifications, this is no longer true, as emote's are no longer always numbers, they can be xxxx_hf for example

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Investigating  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  19. From: https://github.com/twitchdev/issues/issues/59

    Brief description

    Mod Change and Channel ban Change events don't note the required oAuth scope needed for the topic

    https://dev.twitch.tv/docs/api/webhooks-reference#topic-moderator-change-events
    https://dev.twitch.tv/docs/api/webhooks-reference#topic-channel-ban-change-events

    Expected documentation

    Add, (similar to Topic: User Changed)

    Authentication
    User Access Token must have the `moderation:read` for the user in question
    

    Additional context or questions

    https://discuss.dev.twitch.tv/t/webhook-topic-for-channel-ban-change-events-and-moderator-change-events-doesnt-require-oauth-scope/24105

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    In Progress  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  20. The graphs on this page don't look right. The graph syntax is displaying, not the graph itself.

    %% Extensions Overview Diagram
    graph LR
        Twitch --> | - postMessage - | Extension
        Extension --> | - postMessage - | Twitch
        Extension --> | - HTTP - | APIs
        Extension --> | - HTTP - | EBS[Extension Backend]
        Identity --> Twitch
        Chat --> Twitch
        Memes --> Twitch
    
    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6
  • Don't see your idea?