I would like to make a call to twitter to fetch the latest tweets.
When I call the service, I want to use the Bearer token for authentication.
However, as the bearer token contains a “%”, the call fails with the error:
Header “Authorization” has unallowed character “%” in value “Bearer …oP4iw%3DoZ…”
I have shortened the token as it is a secret
Here is the code I have:
local headers = {["Authorization"] = "Bearer ..d4llaoP4iw%3DoZBnejRZSXvO..."}
-- Use pcall in case something goes wrong
local success, response = pcall(function ()
response = HttpService:GetAsync(URL_TWITTER, false, headers)
data = HttpService:JSONDecode(response)
end)
print("twitter1 " .. tostring(success) .. " - " .. response)
I tries escaping the % with %% or %, but it did not help.
The problem is that I cannot just remove the % as it is part of the token and must be sent to the twitter server. Otherwise the authentication will fail.
It’s been a while since the last post on this thread was made, but did you find any solution? I’m getting the same error since I’m trying to use “_” inside of a header.
use a random character instead of an unacceptable character
then on javascript, Convert that random character in the following headers to an unacceptable character,
For example, on lua, add a value to the headers, this value tells which character to put in which order of the string
code example:
local headers = {auth="abcdefghijkamnapr",format_auth="12=percent,15=percent"}
-- format_auth="12=percent,15=percent"
or
local headers = {auth="abcdefghijkamnapr",format_auth=string.char(1+97)..string.char(2+97).."=percent"}
-- format_auth="bc=percent" -- you can convert bc string to number
-- on javascript, result: auth= "abcdefghijk%mn%pr"
For anyone wanting to get the % in through your request, just use the following code:
local function FixPercentage(Token)
return Token:gsub("%%%x%x", function(match)
return string.char(tonumber(match:sub(2), 16))
end)
end
local Token = FixPercentage("yourtokenwith%")
-- call requestasync function as normal
Found this piece of code from As8D. Something relating to hexadecimal code, not quite sure, but this allowed me to send a successful request to Twitter.