I understand that it's possible to use oembed to get embed code for private files, but I'm running into "403 forbidden" when I try it.
http://soundcloud.com/albert-albala-1/audio-recording-on-monday/s-VzgUg
is accessible in a browser, but
curl -iL http://soundcloud.com/oembed?url=http%3A//soundcloud.com/albert-albala-1/audio-recording-on-monday/s-VzgUg&format=json&auto_play=false
yields a HTTP/1.1 403 Forbidden error. The same call with a public sound works fine:
curl -iL http://soundcloud.com/oembed?url=http%3A//soundcloud.com/osmconcerts/rosemarie-landryv2&format=json&auto_play=false
Related question: Rendering SoundCloud widget for a private track using PHP API, although that one uses PHP. I'm trying to get this to work on the command line.
It's possible to embed private tracks using a secret token if the track's settings allow embedding.
Embedding is allowed by default, but if you're receiving a 403 with a valid secret token, you've probably disallowed public embedding for the track.
You can enable this through the web UI on your track's edit page under Settings -> Advanced -> Widget Settings -> Click to enable -> For everybody:
Just had this problem myself, and the track/sound settings have changed layout/structure since pje's answer from 30/09/2013.
Currently, under Permissions, you need to make sure that 'Display Embed code' is turned on - despite the fact that you may not want this to happen! Doing so should mean a 200 status code is returned along with the embed metadata.
Essentially what this is doing is allowing the track to be publicly embedded on other sites (despite the track being private in terms of not being listed on the main account page).
Related
I've written a backend api in .net and I would like to test my methods but when I open postman and try my different methods, it never works:
Could not get any response
There was an error connecting to xxx/api/videos
The strange thing is that if I click the embedded link, it takes me to the right page of my api and shows me the json that I expect (now I use this url as an example, I want to test a post method and I con't view this one in the browser). If any of you know what to do, let me know.
click here in settings, one pop up window will get open. There we have switcher to make SSL verification certificate. Switch to (Off).
I've been trying to get OAuth 2.0 to work correctly. I have managed to make the url that that will do the "deny/allow" for my app by opening a webpage with just
Application.OpenUrl(uri.ToString());
The problem is that I have no idea how to get the redirect and the auth token from the page if the user hits allow. When you hit allow, right now nothing happens it just sits on the page. Checking Networking in chrome debug does have the redirect and token there but it never actually sends it..
I was recommended to use RestSharp but I again have no idea how to use it with Unity as there are lot of resources for Android/iOS PC etc. but I can't get any of them to work for this Unity project...
var client = new RestClient("https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=*clientID*&redirect_uri=http%3A%2F%2FfitRPGcallback&scope=activity%20profile%20sleep%20social");
Debug.Log("client made");
var request = new RestRequest(Method.POST);
request.Resource = ("profile%20sleep%20social");
client.ExecuteAsync(request, response => { Debug.Log("response is : " + response.Content);});
Application.OpenURL(client.BaseUrl.ToString());
In the URL I do have the correct clientID in there as well just not sure what I can and can't show for security reasons etc.
Biggest problem is just having no idea how to get the return value from the webpage after the user hits allow/deny...
Any insights would be super super appreciated cause I just want to start making the actual game but there's not as much point if I can't get this data...
So, I'm posting on a few other applicable questions as well since I have finally figured out my answer.
Unfortunately I'm not using REST so that part is still up in the air BUT I did get it to work with just Fitbit, Unity and a Webview plugin (you will need a webview OR a way to get the initial code back from your first OAuth2 call)
You can find steps here.
http://technicalartistry.blogspot.nl/2015/07/oauth2-unity-and-month-of-cursing.html
EDIT:
So I had to change how I did it because Fitbit changed their ToS where we are no longer allowed to use Webview based Authenticators (which is what I was using in the above blogpost.)
Give this next post a look for how to make an Android Plugin that will grab the Accesstoken from Fitbit's OAuth. This is a FREE way to do it since you make it yourself and it's ezmode :)
http://technicalartistry.blogspot.ca/2016/01/fitbit-unity-oauth-2-and-native.html
I am working on a project where we create playlists in Deezer using the api, we have been doing this successfully since the call to make it was implemented. However one of our testers noticed today that the Playlists were no longer private. I can verify this is the case in the Deezer api explorer and in my code.
Go to http://developers.deezer.com/api/explorer?url=playlist/4341978# (need to change id to a playlist that your account has created and use getToken feature)
Change the method to post
Add parameter public with value of false
Open console and watch response
Will return an "Input Error" message
The exact same thing is happening in my code when sending the same kind of request (including the token as a parameter) which has previously definitely worked as intended.
Do you know if the api has changed and I am missing some extra parameters or config? Or possibly there is error which is causing this?
I want to use the Embeddable Build Status Plugin for Jenkins. I am using Cloudbees. I granted Job/ViewStatus permissions to the anonymous user. When I add the Markdown to the README.md no icon is shown. I tried both the protected and the unprotected link.
# protected
[](https://johnjohndoe.ci.cloudbees.com/job/TypedPreferences/)
# unprotected
[](https://johnjohndoe.ci.cloudbees.com/job/TypedPreferences/)
By default DEV#cloud Jenkins instances are not visible, at all, to anonymous users. If you have configured role-based security and want anonymous users to have the selected roles, configure your system and check the box Enable read-only access for anonymous users.
Well, the question has been asked some time ago, but for others reaching it here, having the problem, that the image is still not shown within the Readme.md on GitHub/GitHub-Enterprise after performing the above mentioned configuration:
Make sure that both services are using the same protocol. In my case, we had GitHub-Enterprise running under HTTPS and Jenkins was running on HTTP.
The badge will not be shown in this case because of the possible security breach introduced by mixed content. You will find an appropriate error message in the console output of your browser (i.e. F12 in Chrome):
Mixed Content: The page at 'https://.../README.md' was loaded over HTTPS,
but requested an insecure image 'http://.../job/master/badge/icon'.
This request has been blocked; the content must be served over HTTPS.
It's of course quite obvious but something that can also be easily missed when searching on the wrong track.
I had an issue with space in the project name, so do not forget to replace spaces with %20
example:
[](.../Long%20Project%20Name/...)
I'm trying to use a new dropbox datastore API with my chrome extension. If used as specified in tutoria, auth will fail with error 400:
Invalid redirect_uri: "chrome-extension://anzbpdekhbhcbekwmfazaophjcaabshl/chrome_oauth_receiver.html". It must exactly match one of the redirect URIs you've pre-configured for your app (including the path)
If i add this URL to my app profile at dropbox website, all works fine. But "anzbpdekhbhcbekwmfazaophjcaabshl" is a computer-unique value, it will be different for each extension installation for each user. Is it possible to somehow fix this or dropbox datastore API is intended to be used on static websites where redirect url is known?
Update 1
Extension ID is random for manual/non-public extension installation.
Update 2
I have found a way to make extension ID persistent: just pack it, generate a public key fro private .pem key and set this key's base-64 encoded value as 'key' in manifest.
Moving my comment to an answer (and see updates to the question for details):
I thought that the extension ID (the part right after chrome-extension://) was not user- or computer-specific and remained the same everywhere the Chrome extension is installed.
I'm successfully using the Datastore API from a Firefox extension. The trick is to attach the dropbox scripts to an actual webpage, not a local page. I have a blank page hosted on my server, and the extension opens that page and attached the necessary scripts. From there it redirects the user to the Dropbox authentication page.
Once the user has authenticated I open the same page in a "headless" tab using the page-worker API. (I don't know if Chrome extensions have the equivalent functionality)
The redirect URL has to be https so you'll need to get an SSL certificate for it to work.