#1064 closed defect (fixed)

twitter login error 403 forbidden

Reported by: tripgod@… Owned by:
Priority: normal Milestone:
Component: Twitter Version: 3.0.5
Keywords: forbidden error twitter login Cc:
IRC client+version: Client-independent Operating System: Linux
OS version/distro: synology e500


Since a few days ago, no more tweets appeared even though bitlbee was still connected with twitter (users in the channel). I log off and log back in and get this error:

<@       root> | twitter - Logging in: Getting contact list
<@       root> | twitter - Login error: Could not retrieve /users/lookup.xml: 403 Forbidden
<@       root> | twitter - Logging in: Signing off..

Fix by changing base_url to https
acc 0 set base_url

Attachments (0)

Change History (3)

comment:1 Changed at 2013-05-23T22:09:08Z by wilmer

Resolution: fixed
Status: newclosed is one of the few clear sources I could find about this:

"API v1.1 is documented as SSL-only. Make sure you're using SSL and verifying peers — see this guide for more information. Non-SSL requests will eventually be rejected."

Would've been nice if they were a little clearer about that. Lame change, with OAuth1.0a there's little sensitive data going over the wire. No MitM opportunities or anything. Oh well.

I've updated the default for base_url in changeset:devel,985. I guess that means I can close this bug and wait for the dupes to come in. :-)

comment:2 Changed at 2013-05-23T23:11:33Z by wilmer

According to there might actually be a problem on Twitter's end.

Still, the doc quoted above says HTTPS is going to be mandatory some day in the future, so I guess I'll keep the changeset above.

comment:3 Changed at 2013-05-23T23:13:52Z by wilmer

Yes, I can log in without SSL again now.

Modify Ticket

as closed The ticket will remain with no owner.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment

E-mail address and name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.