Unshortening short URIs in spite of the Same Origin Policy

Question

That damn SOP strikes again.

So, suppose I have "http://t.co/atyHdwLA" (client-side, we're talking), and I want to obtain "http://foo.com". I had a clever idea to construct an invisible iframe, and then wait a second before querying its contentWindow's location again, after the redirect had taken place. But the SOP prevented me from accessing it. Can anyone think of any other hacks to achieve this, or is it simply not possible in a browser?

Answer 1

Use a service like LongURL. Or ExpandURL, which has an easy to use API.

Use ExpandURL's API along with an XHR request.

Also, have a look at this article on CORS. You may have to use your own server to use this API if their server doesn't support cross-origin requests.