Modify

#1064 closed defect (fixed)

twitter login error 403 forbidden

Reported by: tripgod@… Owned by:
Priority: normal Milestone:
Component: Twitter Version: 3.0.5
Keywords: forbidden error twitter login Cc:
IRC client+version: Client-independent Operating System: Linux
OS version/distro: synology e500

Description

Since a few days ago, no more tweets appeared even though bitlbee was still connected with twitter (users in the channel). I log off and log back in and get this error:

<@       root> | twitter - Logging in: Getting contact list
<@       root> | twitter - Login error: Could not retrieve /users/lookup.xml: 403 Forbidden
<@       root> | twitter - Logging in: Signing off..

Fix by changing base_url to https
acc 0 set base_url https://api.twitter.com/1

Attachments (0)

Change History (3)

comment:1 Changed at 2013-05-23T22:09:08Z by wilmer

Resolution: fixed
Status: newclosed

https://dev.twitter.com/blog/api-v1-retirement-final-dates is one of the few clear sources I could find about this:

"API v1.1 is documented as SSL-only. Make sure you're using SSL and verifying peers — see this guide for more information. Non-SSL requests will eventually be rejected."

Would've been nice if they were a little clearer about that. Lame change, with OAuth1.0a there's little sensitive data going over the wire. No MitM opportunities or anything. Oh well.

I've updated the default for base_url in changeset:devel,985. I guess that means I can close this bug and wait for the dupes to come in. :-)

comment:2 Changed at 2013-05-23T23:11:33Z by wilmer

According to https://twitter.com/Aerathil/status/337706376333783041 there might actually be a problem on Twitter's end.

Still, the doc quoted above says HTTPS is going to be mandatory some day in the future, so I guess I'll keep the changeset above.

comment:3 Changed at 2013-05-23T23:13:52Z by wilmer

Yes, I can log in without SSL again now.

Modify Ticket

Action
as closed The ticket will remain with no owner.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.