Twitter API headers

I’m dorking around with the Twitter API, public calls like http://api.twitter.com/1/statuses/user_timeline.json?screen_name=nelson&count=100&page=3&include_rts=1&trim_user=true&include_entities=false. Here’s the HTTP headers that returns:

  HTTP/1.1 200 OK
  X-RateLimit-Limit: 150
  X-RateLimit-Remaining: 112
  X-RateLimit-Reset: 1337888547
  X-RateLimit-Class: api
  Content-Type: application/json;charset=utf-8
  Last-Modified: Thu, 24 May 2012 19:26:16 GMT
  Expires: Tue, 31 Mar 1981 05:00:00 GMT
  Pragma: no-cache
  Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
  Set-Cookie: guest_id="v1:133788757695829242";Expires=Sat, 24-May-14 19:26:16 GMT;Path=/;Domain=.twitter.com
  Status: 200 OK
  X-Transaction: a990ed040a2ffcdd
  X-Frame-Options: SAMEORIGIN
  Date: Thu, 24 May 2012 19:26:16 GMT
  Server: tfe
  Content-Length: 86940

Sadly, there’s no Access-Control-Allow-Origin header there to allow CORS. The Twitter API does support an optional callback= paramter to get them to emit JSONP instead. I was trying to use D3’s AJAX library to make the calls, but it only supports CORS and not JSONP.

One thought on “Twitter API headers

  1. agreed, twitter’s API is both commendable for all the things it gets right and disappointing for the minor things it misses, CORS included.

    (of course, it doesn’t hurt that we both have contacts there to harass when we have questions or want bugs fixed or features added. :P)

Comments are closed.