Suddenly getting a 403 when updating status, always worked before


#1

I am using @abraham’s code to post a daily status update. It has worked beautifully for many months, using the v1 API. Today suddenly statuses/update gives me a 403 error every time. So I updated to @abraham’s latest version of twitteroauth.php and updated the path to use v1.1, but I’m still getting a 403. Is there some other new change on May 1 2013 that I’m not aware of?


#2

I would look at the specifics of the message you’re receiving. Verify that you aren’t using a suspended account or suspended application. Verify that the account hasn’t reached its daily or roaming allowance of tweets to post.


#3

Here is the twitteroauth object I get (my keys xxxx’d out) - I don’t see anything that looks like a more detailed error message. Any thoughts?

TwitterOAuth Object
(
[http_code] => 403
[url] => https://api.twitter.com/1.1/statuses/update.json
[host] => https://api.twitter.com/1.1/
[timeout] => 30
[connecttimeout] => 30
[ssl_verifypeer] => 1
[format] => json
[decode_json] => 1
[http_info] => Array
(
[url] => https://api.twitter.com/1.1/statuses/update.json
[content_type] => application/json; charset=utf-8
[http_code] => 403
[header_size] => 1302
[request_size] => 686
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0.340375
[namelookup_time] => 5.3E-5
[connect_time] => 0.043348
[pretransfer_time] => 0.153397
[size_upload] => 0
[size_download] => 97
[speed_download] => 284
[speed_upload] => 0
[download_content_length] => 97
[upload_content_length] => 0
[starttransfer_time] => 0.340359
[redirect_time] => 0
)

[useragent] => TwitterOAuth v0.2.0-beta2
[sha1_method] => OAuthSignatureMethod_HMAC_SHA1 Object
(
)

[consumer] => OAuthConsumer Object
(
[key] => xxxxx
[secret] => xxxxx
[callback_url] =>
)

[token] => OAuthConsumer Object
(
[key] => xxxxx
[secret] => xxxxx
[callback_url] =>
)

[http_header] => Array
(
[cache_control] => no-cache, no-store, must-revalidate, pre-check=0, post-check=0
[content_length] => 97
[content_type] => application/json; charset=utf-8
[date] => Thu, 02 May 2013 17:31:22 GMT
[etag] => “f6eba64f9f6467f2df6417dff1a028f8”
[expires] => Tue, 31 Mar 1981 05:00:00 GMT
[last_modified] => Thu, 02 May 2013 17:31:22 GMT
[pragma] => no-cache
[server] => tfe
[set_cookie] => guest_id=v1%3A136751588215107417; Domain=.twitter.com; Path=/; Expires=Sat, 02-May-2015 17:31:22 UTC
[status] => 403 Forbidden
[strict_transport_security] => max-age=631138519
[vary] => Accept-Encoding
[x_access_level] => read-write
[x_frame_options] => SAMEORIGIN
[x_mid] => 6b12d727d414d9dfc09d2ba9c7c2e1e43c4eacfc
[x_rate_limit_limit] => 15
[x_rate_limit_remaining] => 14
[x_rate_limit_reset] => 1367516781
[x_runtime] => 0.12339
[x_transaction] => 56f6bf37f605ef43
[x_transaction_mask] => a6183ffa5f8ca943ff1b53b5644ef114133d7b54
)

)


#4

It looks like your library is hiding the actual message being sent along with that 403 Forbidden error – see if you can access the response object and examine the body of the response. You may want to try using the API from the command-line instead.


#5

n highlight your code samples using the & tags. Many languages are supported like


#6

I’m getting this too, and I’ve checked and re-checked with Curl, and it’s not sending any message body. Only the headers.

Here’s a sample

HTTP/1.1 403 Forbidden
content-length: 0
date: Fri, 17 Jan 2014 01:38:21 UTC
server: tfe
set-cookie: guest_id=(removed); Domain=.twitter.com; Path=/; Expires=Sun, 17-Jan-2016 01:38:21 UTC
x-rate-limit-limit: 180
x-rate-limit-remaining: 171
x-rate-limit-reset: 1389923103

Note the content-length: 0 - it’s literally got no response body.


#7

If it stopped working in the last few days, it’s probably because you are using HTTP. Since a few days ago, api.twitter.com is SSL-only (you have to use HTTPS).