Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi all,
Trying to get data from Twitter at the moment and am encountering a 'Access-Control-Allow-Origin' header error. Looking online - this appears to be a cross-domain issue but I am not sure how to resolve this using JS.
Below is my code at the moment which references the oauth.js and shal.js files from oauth - Revision 1276: /code/javascript.
would appreciate any assistance to resolve the issue or other people's experiences in extracting data from Twitter.
var nonce = OAuth.nonce(32);
var ts = Math.floor(new Date().getTime() / 1000);
var timestamp = ts.toString();
var accessor = {
consumerSecret: consumerSecret,
tokenSecret: tokenSecret
};
var params = {
oauth_version: "1.0",
oauth_consumer_key: oauth_consumer_key,
oauth_token: oauth_token,
oauth_timestamp: timestamp,
oauth_nonce: nonce,
oauth_signature_method: "HMAC-SHA1"
};
var message = {
method: "GET",
action: urlLink,
parameters: params
};
OAuth.completeRequest(message, accessor);
OAuth.SignatureMethod.sign(message, accessor);
var normPar = OAuth.SignatureMethod.normalizeParameters(message.parameters);
var baseString = OAuth.SignatureMethod.getBaseString(message);
var sig = OAuth.getParameter(message.parameters, "oauth_signature") + "=";
var encodedSig = OAuth.percentEncode(sig);
var newRequest = new XMLHttpRequest();
newRequest.open("GET", urlLink, true);
var oauthtext = 'OAuth oauth_consumer_key="'+oauth_consumer_key+'", oauth_nonce=' + nonce + ', oauth_signature=' + encodedSig + ', oauth_signature_method="HMAC-SHA1", oauth_timestamp=' + timestamp + ',oauth_token="'+oauth_token+'", oauth_version="1.0"';
//console.log(oauthtext);
newRequest.setRequestHeader("Authorization", oauthtext);
newRequest.send();
Well, if a server gives you a CORS error there is not much you can do from the client.
This is a good article on CORS that I recommend you check out, HTTP access control (CORS) - HTTP | MDN
However I would be very surprised that Twitters API has cors headers other than allow all (*), in fact they don't.
Can you share the full code? Communicating with the Twitter API client side is tricky business overall after they deprecated the 1.0 API.
Well, if a server gives you a CORS error there is not much you can do from the client.
This is a good article on CORS that I recommend you check out, HTTP access control (CORS) - HTTP | MDN
However I would be very surprised that Twitters API has cors headers other than allow all (*), in fact they don't.
Can you share the full code? Communicating with the Twitter API client side is tricky business overall after they deprecated the 1.0 API.
Hi Alexander,
Apologies for the late reply. We realised that it was our company proxy settings that was playing up with the connection to R.
All good now so I will close this thread!
Cheers,
Joel