Comments (19)
Hi,
Could you check that http is the correct protocol for twitter? I had the same problem, in that jsOAuth doesnt handle 302 redirects very well.
I found using https to work.
from jsoauth.
It looks like this bit of code will need rethinking.
I'm not sure myself how to treat 30x status codes - behaviour isn't consistent across APIs. Some of them give empty response, some just throw HTML (ignoring Accept
headers and such).
from jsoauth.
I did some tests trying to abort the redirect, however in chrome, the status never went to 302. This leads me to think that at least in chrome, the 302 is swallowed.
from jsoauth.
Oh boy... It will depend how the browser treats 302 - if it's treated as "permanent" redirect, it will ignore it and take you directly to final location ignoring any interstitial urls. (at least that's how I understand it).
Why (and where) they are redirecting anyway?
I only had this problem with one API before - when a request failed, instead of responding with 503 (or similar), the service's load balancer would redirect you to a totally different page on a different server.
In theory debugging this with something like PhantomJS would work, since it doesn't have a "memory" of previously visited urls and their response codes.
from jsoauth.
In my case i was using http:// and not https://, twitter attempts to redirect you to the https version, therefore invalidating the signature. Part of the signature base string is the url.
I was hoping to catch the 302, Abort the request, resign and resend... but nope you cant do that.
So far i see this affecting Chrome and Titanium, I expect this will be across the board.
from jsoauth.
I tried with https:// too, not working, same stuff, 200 OK status and a blank data.text :(
from jsoauth.
I notice you have enablePrivilege: true,
. I assume you're testing on firefox?
from jsoauth.
Yes firefox
from jsoauth.
Could you try the jsOAuth boiler plate? Plumb in your details and make sure you set enablePrivilege: true
and customise the getSomeData
function
from jsoauth.
Right i'm trying here, but the authorize window that opens is probably missing some params, the window url is https://api.twitter.com/oauth/authorize? and twitter are throwing :
Woah there!
This page requires some information that was not provided. Please return to the site that sent you to this page and try again … it was probably an honest mistake.
from jsoauth.
Even the request_token is returning data.text blank so when it redirects to the authorize url it goes with no params, because there's not a request_token.
from jsoauth.
Jhimy,
I think you're using FF5? I also have this issue , but not in FF 3.6.19.
I'm guessing the little hack I use doen't work any more.
Namely:
netscape.security.PrivilegeManager.enablePrivilege('UniversalBrowserRead UniversalBrowserWrite');
and
signed.applets.codebase_principal_support
in about:config
I'd switch to chrome if you can.
Could you test in FF 3.6 and confirm?
from jsoauth.
Yes i was using FF5.
I wish i could switch to chrome too, but this line is not working :
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security --allow-file-access-from-files --allow-file-access spec/runner.html
I'm getting
[0714/110048:INFO:breakpad_mac.mm(89)] Breakpad disabled
[1635:2307:10523161222729:ERROR:process_singleton_mac.cc(102)] Unable to obtain profile lock.
This line should be run with sudo permissions ?
from jsoauth.
I use a separate profile so I can run multiple instances of chrome .
Try something like:
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security --allow-file-access-from-files --allow-file-access --user-data-dir=./chrome/ spec/index.html
where --user-data-dir
is the directory where you want to store the profile data
and spec/index.html
is the path to the file you wish to load
from jsoauth.
Oh, it's working now : )
Thanks for all the help, you should insert in your readme "do not work in FF5" : )
from jsoauth.
Already ahead of you. :)
Glad to get things working for you.
from jsoauth.
For anyone using ubuntu, you can use chrome in this way
/opt/google/chrome/google-chrome --disable-web-security --allow-file-access-from-files --allow-file-access --user-data-dir=./chrome/ /path/to/html/file.html
you will want to change /path/to/html/file.html.
If you want to create a shortcut to make things easier, add to panel, choose custom application launcher and use the following command:
/opt/google/chrome/google-chrome --disable-web-security --allow-file-access-from-files --allow-file-access --user-data-dir=./chrome/ %U
now, if you want to open an html file, just drag and drop it onto the shortcut.
from jsoauth.
1 Uncaught ReferenceError: netscape is not defined
Chrome for Mac.
from jsoauth.
On chrome don't use enablePrivilege. This is for firefox 3 only. As documented
from jsoauth.
Related Issues (20)
- OAuth 2.0 Support HOT 11
- postJSON - Content-Type: 'application/json' HOT 4
- Support streaming responses HOT 11
- No request token error HOT 7
- jsOAuth and LinkedIn HOT 3
- Using requirejs breaks jsOAuth HOT 3
- encodable query params are double percent encoded HOT 2
- QueryString.setQueryParams doesn't decode query values HOT 3
- 1.3.6 error HOT 1
- Uncaught ReferenceError: netscape is not defined HOT 3
- Making life simpler: Chrome iOS-Simulator App HOT 1
- Error auth Appelerator sdk version >=2
- Missing onerror callback for Titanium HTTPClient
- Unexpected OAuth.urlDecode behavior HOT 3
- urlEncode method does not encode the tab character
- jsOAuth - Backbone.js HOT 4
- Make package installable using bower HOT 3
- It's not possible to make GET requests with two query parameters having the same name HOT 3
- Twitter 401 Unauthorized for get/post methods after access_token is saved HOT 6
- phonegap error, netscape is not defined HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jsoauth.