tags:

views:

287

answers:

2
+3  Q: 

Create a Dellicious Bookmarklet in Firefox using Delicious API

I want to create a Delicious bookmarklet in Firefox that bookmarks the current page with a predefined tag.

For proof of concept, if I enter this url, it works:

https://john:[email protected]/v1/posts/add?url=http://www.google.com&
    description=http://www.google.com&tags=testtag

But this as a bookmarklet doesn't, I get access denied:

javascript:(

    function()
    {
        location.href = 'https://john:[email protected]/v1/posts/add?url=' 
            + encodeURIComponent(window.location.href)
            + '&description=' + encodeURIComponent(document.title)   
            + '&tags=testtag';
    }

)()

Is this possible via a javascript bookmark?

Update: I tried this, but still got the access denied error, so it has something to do with Javascript/Firefox.

javascript:(

    function()
    {
        location.href = 'https://john:[email protected]/v1/posts/add?url='
            + 'http://www.google.com'
            + '&description=' + 'http://www.google.com' + '&tags=testtag';
    }

)()

Update 2: After trying many variations of the above and on different browsers, I still can't get past the access denied message, so offering a bounty.

+1  A: 

Looks like you're missing url=.

Jeffery To  2010-04-25 17:13:25
Thanks. I added it and am still getting the same error.
Steve  2010-04-25 18:07:00
I tried your example (with the URL encoded) in Firefox 3.6 and it worked. Are you logged into Delicious with another username? Are you using a Yahoo ID to log into Delicious?
Jeffery To  2010-04-26 01:48:24
It did? Awesome. I'm using FF 3.6.2 and I completely exited FF and tried a non-Yahoo and Yahoo account. Still won't work. For the Yahoo account, I used zzz:pwd and zzz@yahoo:pwd. Also turned off my firewall and didn't work. Did you get a warning messagebox that read "You are about to log in to the site with ... but the website does not require authentication?
Steve  2010-04-26 14:15:51
I tried a non-Yahoo account and it worked (it did show the authentication warning). According to http://delicious.com/help/api Yahoo accounts use a /v2 path and require OAuth.
Jeffery To  2010-04-26 14:37:52
Steve  2010-04-26 16:42:10
+1  A: 

I suspect this is Firefox trying to protect you from security issues when running Javascript. When I tried typing in your example into my address bar, Firefox prompted me to ask if I am sure I want to log in to api.del.icio.us.

This other question concerning HTTP auth looks similar to your question, maybe it will help you.

Update:

I used Firebug's Net panel and its Javascript console, and I was able to see the request/response headers.

Here is the request from the Javascript console, which FAILED:

GET /v1/posts/add?url=http://www.spoons.com/&description=forks&tags=knives HTTP/1.1
Host: api.del.icio.us
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://stackoverflow.com/questions/2708950/2740195
Authorization: Basic XXXXXXXXXXXXXXXXX
Cache-Control: max-age=0

And, here is the request from the address bar, which WORKED:

GET /v1/posts/add?url=http://www.spoons.com/&description=forks&tags=knives HTTP/1.1
Host: api.del.icio.us
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Authorization: Basic XXXXXXXXXXXXXXXXX
Cache-Control: max-age=0

The only difference seems to be the Referer header, which caused the access denied response. The setting network.http.sendRefererHeader in Firefox's about.config can be set to 0 which turns off the Referer header. When I tried this, then the Javascript console method started working.

There is a Firefox extension called refspoof which is useful for sending your own custom Referer headers, maybe that can help here.

Kevin Panko  2010-04-29 19:27:15
Thanks for the link. I've tried tracing via Firebug, but really couldn't get anywhere with that as https limits what you can see. When I put the input the url directly, I get the prompt, click OK and it works. When you put it in a bookmarklet, it acts differently.
Steve  2010-04-30 17:44:03
That sounds promising. I'll give it a try tonight. If it works in the console, it should work for a bookmarklet.
Steve  2010-04-30 20:26:39
Thanks! It worked. Not sure if I want to install refspoof, as I don't mind disabling the referrer setting via about:config for now. Maybe I can make an extension that sets it to 0, runs a script and sets it back to 2. Offhand, other than sites not getting credit for being a referrer, what are the consequences for keeping referrer to 0 permanently? I also wonder why Delicious/Yahoo did it this way?
Steve  2010-05-01 12:54:06
Nevermind, reading up on the referrer option - lots of consequences disabling it.
Steve  2010-05-01 13:06:06
It is probably a security feature -- if I embed some script on my page that calls their API, I might be able to trick people into bookmarking my page. The referer header may indicate this sort of trickery, so they reject it.
Kevin Panko  2010-05-01 20:15:28
Yes, that's what someone in Delicious's api forum said to me. Anyways, I would guess the api is subject to change and this might not work pending future changes, but I doubt the Yahoo folks are reading this. Anyways, my motives are not pernicious, but to save myself time.
Steve  2010-05-02 16:42:28

related questions

What JavaScript patterns do you use most?
Javascript events
What style do you use for creating an "class" in JavaScript?
Graphing JavaScript Library
What's the difference in closure style
Getting the text from a drop-down box
How to specify javascript to run when ModalPopupExtender is shown
Length of Javascript Associative Array
How Do I Post and then redirect to an external URL from ASP.Net?
How to set up a CSS switcher in ASP.NET
Wrapping lists into columns
Javascript keyboard events primer? (or rather: help me with my custom dropdown)
Http Auth in a Firefox 3 bookmarklet
Best Debugging Tools for JavaScript/xulrunner Development
How can I turn a string of HTML into a DOM object in a Firefox extension?
Call ASP.NET Function From Javascript?
Javascript troubleshooting tools in IE
MAC addresses in JavaScript
Capturing TAB key in text box
CSS Background Color in Javascript
How can I make the browser see CSS and Javascript changes?
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP .Net Custom Client-Side Validation
What JavaScript library would you choose for a new project and why?
Detecting font in JavaScript