Qlik Sense - Access-Control-Allow-Origin Header

Mon, 17 Aug 2015 05:38:37 GMT

Hi all,

Trying to get data from Twitter at the moment and am encountering a 'Access-Control-Allow-Origin' header error. Looking online - this appears to be a cross-domain issue but I am not sure how to resolve this using JS.

Below is my code at the moment which references the oauth.js and shal.js files from oauth - Revision 1276: /code/javascript.

would appreciate any assistance to resolve the issue or other people's experiences in extracting data from Twitter.

var nonce = OAuth.nonce(32);

var ts = Math.floor(new Date().getTime() / 1000);

var timestamp = ts.toString();

var accessor = {

consumerSecret: consumerSecret,

tokenSecret: tokenSecret

};

var params = {

oauth_version: "1.0",

oauth_consumer_key: oauth_consumer_key,

oauth_token: oauth_token,

oauth_timestamp: timestamp,

oauth_nonce: nonce,

oauth_signature_method: "HMAC-SHA1"

};

var message = {

method: "GET",

action: urlLink,

parameters: params

};

OAuth.completeRequest(message, accessor);

OAuth.SignatureMethod.sign(message, accessor);

var normPar = OAuth.SignatureMethod.normalizeParameters(message.parameters);

var baseString = OAuth.SignatureMethod.getBaseString(message);

var sig = OAuth.getParameter(message.parameters, "oauth_signature") + "=";

var encodedSig = OAuth.percentEncode(sig);

var newRequest = new XMLHttpRequest();

newRequest.open("GET", urlLink, true);

var oauthtext = 'OAuth oauth_consumer_key="'+oauth_consumer_key+'", oauth_nonce=' + nonce + ', oauth_signature=' + encodedSig + ', oauth_signature_method="HMAC-SHA1", oauth_timestamp=' + timestamp + ',oauth_token="'+oauth_token+'", oauth_version="1.0"';

//console.log(oauthtext);

newRequest.setRequestHeader("Authorization", oauthtext);

newRequest.send();

Re: Qlik Sense - Access-Control-Allow-Origin Header

Alexander_Thor — Mon, 17 Aug 2015 14:17:31 GMT

Well, if a server gives you a CORS error there is not much you can do from the client.
This is a good article on CORS that I recommend you check out, HTTP access control (CORS) - HTTP | MDN

However I would be very surprised that Twitters API has cors headers other than allow all (*), in fact they don't.

Can you share the full code? Communicating with the Twitter API client side is tricky business overall after they deprecated the 1.0 API.

Re: Qlik Sense - Access-Control-Allow-Origin Header

Fri, 11 Sep 2015 06:11:51 GMT

Hi Alexander,

Apologies for the late reply. We realised that it was our company proxy settings that was playing up with the connection to R.

All good now so I will close this thread!

Cheers,

Joel

topic Qlik Sense - Access-Control-Allow-Origin Header in Integration, Extension & APIs

Qlik Sense - Access-Control-Allow-Origin Header

Re: Qlik Sense - Access-Control-Allow-Origin Header

Re: Qlik Sense - Access-Control-Allow-Origin Header