类型错误：无法在窗口上执行提取。名字无效

我正在尝试通过网络选项卡访问 Twitter 的 graphql api（显然位于同一来源）

这是我当前的实现：

// Example POST method implementation:
async function getData(username, data = {}) {
    let URL = `https://api.twitter.com/graphql/k5XapwcSikNsEsILW5FvgA/UserByScreenName?variables={"screen_name":"${username}","withSafetyModeUserFields":true}&features={"hidden_profile_likes_enabled":true,"hidden_profile_subscriptions_enabled":true,"responsive_web_graphql_exclude_directive_enabled":true,"verified_phone_label_enabled":true,"subscriptions_verification_info_is_identity_verified_enabled":true,"subscriptions_verification_info_verified_since_enabled":true,"highlights_tweets_tab_ui_enabled":true,"responsive_web_twitter_article_notes_tab_enabled":true,"creator_subscriptions_tweet_preview_api_enabled":true,"responsive_web_graphql_skip_user_profile_image_extensions_enabled":false,"responsive_web_graphql_timeline_navigation_enabled":true}&fieldToggles={"withAuxiliaryUserLabels":false}`
    // Default options are marked with *
    const response = await fetch(URL, {
        method: "GET", // *GET, POST, PUT, DELETE, etc.
        mode: "cors", // no-cors, *cors, same-origin
        cache: "no-cache", // *default, no-cache, reload, force-cache, only-if-cached
        credentials: "same-origin", // include, *same-origin, omit
        headers: {
            "Content-Type": "application/json",
            ":path": `/graphql/k5XapwcSikNsEsILW5FvgA/UserByScreenName?variables={"screen_name":"${username}","withSafetyModeUserFields":true}&features={"hidden_profile_likes_enabled":true,"hidden_profile_subscriptions_enabled":true,"responsive_web_graphql_exclude_directive_enabled":true,"verified_phone_label_enabled":true,"subscriptions_verification_info_is_identity_verified_enabled":true,"subscriptions_verification_info_verified_since_enabled":true,"highlights_tweets_tab_ui_enabled":true,"responsive_web_twitter_article_notes_tab_enabled":true,"creator_subscriptions_tweet_preview_api_enabled":true,"responsive_web_graphql_skip_user_profile_image_extensions_enabled":false,"responsive_web_graphql_timeline_navigation_enabled":true}&fieldToggles={"withAuxiliaryUserLabels":false}

`,
            ":authority": "api.twitter.com",
            ":method": "GET",
            ":scheme": "https",
            "Authorization": "Bearer AAAAAAAAAAAAAAAAAAAAANRILgAAAAAAnNwIzUejRCOuH5E6I8xnZz4puTs%3D1Zv7ttfk8LF81IUq16cHjhLTvJu4FA33AGWWjCpTnA",
            "Cookie": `guest_id_marketing=v1:170955125343839663; guest_id_ads=v1:170955125343839663; guest_id=v1:170955125343839663; gt=1764611971050074353; _ga=GA1.2.251089784.1709551255; _gid=GA1.2.393957230.1709551255; personalization_id="v1_5jbQDTm8Tn2sQ/f9diPocA=="
`,
            "Origin": "https://twitter.com",
            "Referer": "https://twitter.com",
            "X-Client-Transaction-Id": "I7fMTBcu/4HmKfngKEMY6kPjahaJoBRzqcr/bTYgBPINSk5CBpY1sDLiD3RBiJlAp0RotSI7wGYBtp0x28iZw/JR986wIg",
            "X-Guest-Token": "1764611971050074353"

        },
        redirect: "follow", // manual, *follow, error
        referrerPolicy: "strict-origin-when-cross-origin", // no-referrer, *no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url

    });
    return response.json(); // parses JSON response into native JavaScript objects
}

getData("sama").then((data) => {
    console.log(data); // JSON data parsed by `data.json()` call
});

所有这些都是在公共资料页面上完成的，例如https://twitter.com/sama

它给了我这个错误

Promise {<rejected>: TypeError: Failed to execute 'fetch' on 'Window': Invalid name

我没有复制所有标题，只是复制了我认为重要的标题

我从网络选项卡中解码了 url 和 cookie 字符串（因此请求中可能没有错误的字符）

我在这里做错了什么？

此外，所有代币等都是安全公开的，因为它们都在未登录的隐身窗口中！