So as for now, I decided to do some basic tests on this and try to figure out the issue.
So I was checking this original blockchain.js#L186 and I found out that the parameter changed so I decided to change the data and try it:
I've also added an header to ajax request, it still didn't work out well.
headers: { "x-twitter-active-user": "yes", }
For now, the only header left between the original request and the app's request is the Origin header.
It is certain that the Twitter might check the Origin header for the security issue. But usually changing Origin header is not allowed from script by default.
So if there's any way find a way to change the Origin, we can get this problem fixed somehow.
I think there are websites that says chrome.webRequest.onBeforeSendHeaders.addListener can be used to modify the Origin header but I couldn't make it work.. can you find a way about it?
ceceradio
commented
5 years ago
I get the same problem with #5 now.
So as for now, I decided to do some basic tests on this and try to figure out the issue. So I was checking this original blockchain.js#L186 and I found out that the parameter changed so I decided to change the data and try it:
it still didn't work out well š
I've also added an header to ajax request, it still didn't work out well.
For now, the only header left between the original request and the app's request is the
Originheader.It is certain that the Twitter might check the
Originheader for the security issue. But usually changingOriginheader is not allowed from script by default.So if there's any way find a way to change the Origin, we can get this problem fixed somehow.
I think there are websites that says
chrome.webRequest.onBeforeSendHeaders.addListenercan be used to modify theOriginheader but I couldn't make it work.. can you find a way about it?