oAuth token request fails, returns "403: Forbidden"


Here’s my source:

Click Me!

The sendPostRequestWithAuth method is as follows:

function sendPostRequestWithAuth(url, params, auth, onComplete)
xmlHttpReq.open(“POST”, url, true);
xmlHttpReq.setRequestHeader(“Content-Type”, “application/x-www-form-urlencoded”);
xmlHttpReq.setRequestHeader(“Content-Length”, params.length);
xmlHttpReq.setRequestHeader(“Authorization”, "OAuth " + auth);
xmlHttpReq.onreadystatechange = function() {
if(xmlHttpReq.readyState == 4 && xmlHttpReq.status == 200)
else if(xmlHttpReq.readyState == 4)
alert(xmlHttpReq.getResponseHeader(“oauth_token”) + xmlHttpReq.status);

Firefox initiates a preflight (because of the Authorization header, though it’s not documented), then I get a 403. What’s wrong?


Usage of OAuth from Javascript in a browser environment is extremely frowned upon. Client-side Javascript is not an appropriate environment for OAuth 1.0A. Please use a server-based solution for OAuth or otherwise use Web Intents if you prefer a client-side integration.


I know. I am new into this, and this is for learning purpose.


I’m having the same problem.
I’m needs in Javascript , any solution?