Twitter profile picture images now blocked on most domains

Question

Based upon this answer here: Building Twitter profile image url with Twitter user id

I implemented some functionality for a client's website that showed a Twitter profile picture's img so it could be displayed on our site. ( https://twitter.com/[screen_name]/profile_image?size=original )

Unfortunately after coming back to the project after a couple weeks it looks like Twitter has now blocked this functionality. Looking at the response headers I see:

After poking around a bit it looks like the content-security-policy and perhaps also the x-frame-options settings are preventing the functionality from working now. Am I correct in my assumption and are there any workarounds (other than using the API to get the profile image url via this API: https://developer.twitter.com/en/docs/accounts-and-users/user-profile-images-and-banners )

score 2 · Accepted Answer · answered Feb 21 '20 at 12:10

2

The API is the correct way to obtain these URLs and images. The way you were doing it was never a documented or supported manner of getting profile images. There’s no workaround for your current method, you should use the official API.

answered Feb 21 '20 at 12:10

Andy Piper

11,422
2
26
49

Thanks, and judging from the response headers I posted am I right in my assumption that it's the `content-security-policy` rule which is blocking access? Thanks – Anthony Feb 21 '20 at 19:28
1

I believe so but I can’t be sure. – Andy Piper Feb 22 '20 at 19:53

Twitter profile picture images now blocked on most domains

1 Answers1

Linked