CORS header?

[robinvanb]

I saw the other issue that was closed about the CORS header but I simply cannot seem to get this to work.
I'm using the consumer key / secret and the access token / access secret from the OAuth Tool of Twitter to configure $twitterApi but I keep getting the HTTP 400

Also there are many discussion topics about Twitter not supporting CORS: https://twittercommunity.com/t/access-control-allow-origin/7253/19
Do you have any idea what to do?

[saimon24]

If you get a 400 Error you are not logged in at all, which means you have no OAuth Token. Are you sure you get a valid token before you configure/use ngTwitter?

[k-zakhariy]

@saimon24 How i can get valid Token? When i complete auth i got access_token and access_token_secret , those are same credentials as in apps.twitter.com in Dashboard
Then when i try request i get the same error that @robinvanb had.

XMLHttpRequest cannot load https://api.twitter.com/1.1/statuses/home_timeline.json?count=5. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://local.regrem.com' is therefore not allowed access. The response had HTTP status code 400.

[botezalexandru]

I am also have the same issue, i copied the Consumer Key (API Key), Consumer Secret (API Secret) and the Access Token and it did not work

[sebastianmusial]

@saimon24 I have the same problem. The response had HTTP status code 400.

Do we need token object with oauth_token and oauth_token_secret or third parameter must be oauth_token? In the both version this is not working.

[botezalexandru]

I did a little of debugging through the source code and oauth_token and oauth_token_secret were undefined so i initialized them like this:
clientId = 'xxxx'
clientSecret = 'xxxx'
token.oauth_token = 'xxxx'
token.oauth_token_secret = 'xxx'

then i would call: $twitterApi.configure(clientId, clientSecret, token);

now the oauth_token and oauth_token_secret are defined but it still shows me the same error

[sebastianmusial]

@botezalexandru I agree with you. Maybe javascript connection with Twitter without backend is not available - https://twittercommunity.com/t/access-control-allow-origin/7253/24 ? 😕

[liadlivnat]

@botezalexandru Hey, Did you figure it out eventually ?

[botezalexandru]

@liadlivnat no, i haven't

[msieurtoph]

@saimon24 : Your service just does not work ... I did the same thing as @botezalexandru (I went to same conclusion about token being an hash) and the preflight request does not contain any Authorization header as it should be (as far as I understand).

Using this :

twitter = {
        clientId: 'xxx',
        clientSecret: 'xxx',
        oauthToken: {
            'oauth_token': 'xxx',
            'oauth_token_secret': 'xxx'
        }
    };

$twitterApi.configure(twitter.clientId, twitter.clientSecret, twitter.oauthToken);
$twitterApi.getUserTimeline({count: 10}).then(function(){.....});

does not work ... I got the same error than @robinvanb.

[nadeemramsing]

Having the same issue:

OPTIONS https://api.twitter.com/1.1/statuses/home_timeline.json?count=5 400 ()

XMLHttpRequest cannot load https://api.twitter.com/1.1/statuses/home_timeline.json?count=5. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://nadeemlocalhost.mu:8080' is therefore not allowed access. The response had HTTP status code 400.

Possibly unhandled rejection: {"data":null,"status":-1,"config":{"method":"GET","transformRequest":[null],"transformResponse":[null],"jsonpCallbackParam":"callback","url":"https://api.twitter.com/1.1/statuses/home_timeline.json","params":{"count":5},"headers":{"Accept":"application/json, text/plain, */*","Authorization":"OAuth oauth_consumer_key=\"MYCONSUMERKEY\",oauth_nonce=\"cnM8AK8FhO\",oauth_signature_method=\"HMAC-SHA1\",oauth_token=\"undefined\",oauth_timestamp=\"1482916373\",oauth_version=\"1.0\",oauth_signature=\"AfGCImRpQRHncjHhGIZ8bBZxd6o%3D\""}},"statusText":""}

I noticed that oauth_token="undefined"; is that normal?