问题
For writing desktop twitter apps, one is required to create an app at apps.twitter.com and use consumer "secret" to retrieve the user's authorization via some sort of PIN.
The apps page on twitter says:
Keep the "Consumer Secret" a secret. This key should never be human-readable in your application.
Is this a joke? The client app needs to have it in plaintext at some point. Is this Twitter's sense of security? And does it really matter to keep this "secret" a secret? (which is obviously impossible)
来源:https://stackoverflow.com/questions/43723182/twitter-consumer-secret-really-a-secret