2 Replies Latest reply: Sep 11, 2015 2:11 AM by Joel Lau RSS

    Qlik Sense - Access-Control-Allow-Origin Header

      Hi all,


      Trying to get data from Twitter at the moment and am encountering a 'Access-Control-Allow-Origin' header error.  Looking online - this appears to be a cross-domain issue but I am not sure how to resolve this using JS.


      Below is my code at the moment which references the oauth.js and shal.js files from oauth - Revision 1276: /code/javascript.


      would appreciate any assistance to resolve the issue or other people's experiences in extracting data from Twitter.


              var nonce = OAuth.nonce(32);

              var ts = Math.floor(new Date().getTime() / 1000);

              var timestamp = ts.toString();



              var accessor = {

                  consumerSecret: consumerSecret,

                  tokenSecret: tokenSecret




              var params = {

                  oauth_version: "1.0",

                  oauth_consumer_key: oauth_consumer_key,

                  oauth_token: oauth_token,

                  oauth_timestamp: timestamp,

                  oauth_nonce: nonce,

                  oauth_signature_method: "HMAC-SHA1"




              var message = {

                  method: "GET",

                  action: urlLink,

                  parameters: params




        OAuth.completeRequest(message, accessor);

              OAuth.SignatureMethod.sign(message, accessor);



              var normPar = OAuth.SignatureMethod.normalizeParameters(message.parameters);

              var baseString = OAuth.SignatureMethod.getBaseString(message);

              var sig = OAuth.getParameter(message.parameters, "oauth_signature") + "=";

              var encodedSig = OAuth.percentEncode(sig);



        var newRequest = new XMLHttpRequest();


        newRequest.open("GET", urlLink, true);


        var oauthtext = 'OAuth oauth_consumer_key="'+oauth_consumer_key+'", oauth_nonce=' + nonce + ', oauth_signature=' + encodedSig + ', oauth_signature_method="HMAC-SHA1", oauth_timestamp=' + timestamp + ',oauth_token="'+oauth_token+'", oauth_version="1.0"';




        newRequest.setRequestHeader("Authorization", oauthtext);