Determining whether users are logged into Twitter

Update: This technique no longer works because the Twitter favicon is no longer hosted from the twitter.com domain and the ?redirect_after_login query parameter only works with resources on the twitter.com domain.

In Detect if visitors are logged into Twitter, Facebook or Google+, Tom Anthony explains how to determine what social networks your users are logged into. The approach Tom recommends still works today, but the Twitter code needs to be modified to work as expected.

Tom’s technique involves using a special URL to conditionally load an asset from Twitter if the user is logged in. The asset used in his example no longer exists, however, and most other Twitter assets are now served from a CDN. The conditionally-loaded asset needs to be on the same domain as that special URL (twitter.com) so CDN-hosted assets won’t do.

Thankfully, there is one asset we can still use: the Twitter favicon. This is one of the only assets not served from their CDN and, as a result, one of the only assets that can be conditionally loaded to infer whether the user is logged in.

Change a few characters and you’re good to go. This example uses JavaScript exclusively, but it can be modified to use an img element as Tom does.

Of course, this should be done responsibly. When we used this technique to conduct research on MDN, we told users what was happening. If you use this code, it’s probably not a bad idea to do the same.

Originally published at blog.openjck.com on February 27, 2015.