Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

Qlik Sense - Access-Control-Allow-Origin Header

Hi all,

Trying to get data from Twitter at the moment and am encountering a 'Access-Control-Allow-Origin' header error.  Looking online - this appears to be a cross-domain issue but I am not sure how to resolve this using JS.

Below is my code at the moment which references the oauth.js and shal.js files from oauth - Revision 1276: /code/javascript.

would appreciate any assistance to resolve the issue or other people's experiences in extracting data from Twitter.

        var nonce = OAuth.nonce(32);

        var ts = Math.floor(new Date().getTime() / 1000);

        var timestamp = ts.toString();

        var accessor = {

            consumerSecret: consumerSecret,

            tokenSecret: tokenSecret

        };

        var params = {

            oauth_version: "1.0",

            oauth_consumer_key: oauth_consumer_key,

            oauth_token: oauth_token,

            oauth_timestamp: timestamp,

            oauth_nonce: nonce,

            oauth_signature_method: "HMAC-SHA1"

        };

        var message = {

            method: "GET",

            action: urlLink,

            parameters: params

        };

  OAuth.completeRequest(message, accessor);

        OAuth.SignatureMethod.sign(message, accessor);

        var normPar = OAuth.SignatureMethod.normalizeParameters(message.parameters);

        var baseString = OAuth.SignatureMethod.getBaseString(message);

        var sig = OAuth.getParameter(message.parameters, "oauth_signature") + "=";

        var encodedSig = OAuth.percentEncode(sig);

  var newRequest = new XMLHttpRequest();

  newRequest.open("GET", urlLink, true);

  var oauthtext = 'OAuth oauth_consumer_key="'+oauth_consumer_key+'", oauth_nonce=' + nonce + ', oauth_signature=' + encodedSig + ', oauth_signature_method="HMAC-SHA1", oauth_timestamp=' + timestamp + ',oauth_token="'+oauth_token+'", oauth_version="1.0"';

  //console.log(oauthtext);

  newRequest.setRequestHeader("Authorization", oauthtext);

  newRequest.send();

1 Solution

Accepted Solutions
Alexander_Thor
Employee
Employee

Well, if a server gives you a CORS error there is not much you can do from the client.
This is a good article on CORS that I recommend you check out, HTTP access control (CORS) - HTTP | MDN

However I would be very surprised that Twitters API has cors headers other than allow all (*), in fact they don't.

Can you share the full code? Communicating with the Twitter API client side is tricky business overall after they deprecated the 1.0 API.

View solution in original post

2 Replies
Alexander_Thor
Employee
Employee

Well, if a server gives you a CORS error there is not much you can do from the client.
This is a good article on CORS that I recommend you check out, HTTP access control (CORS) - HTTP | MDN

However I would be very surprised that Twitters API has cors headers other than allow all (*), in fact they don't.

Can you share the full code? Communicating with the Twitter API client side is tricky business overall after they deprecated the 1.0 API.

Not applicable
Author

Hi Alexander,

Apologies for the late reply.  We realised that it was our company proxy settings that was playing up with the connection to R.

All good now so I will close this thread! 

Cheers,

Joel