Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Response code 418 from request #4

Closed
juiceo opened this issue Nov 7, 2017 · 13 comments
Closed

Response code 418 from request #4

juiceo opened this issue Nov 7, 2017 · 13 comments

Comments

@juiceo
Copy link

juiceo commented Nov 7, 2017

Trying to use this library within a React app, and making calls from the app running on localhost yields a 418 response code. Am I missing some setup step, or why is this happening?
@derhuerst
Copy link
Owner

HTTP 418 is an April Fool's Day joke, so either FlightRadar24 is trolling you or you have a malfunctioning setup.

Can you give me more details in order to reproduce the problem? Maybe all parameters or even a curl command (you can get that from the Chrome network inspector)?

@juiceo
Copy link
Author

juiceo commented Nov 7, 2017

Hey, thanks for the quick response.

So my code is exactly the same as the example code in README, and when I try the same request url in a browser it works as expected. Request url is: https://data-live.flightradar24.com/zones/fcgi/feed.js?bounds=53%2C52%2C13%2C14&callback=jsonp&faa=1&flarm=1&mlat=1&adsb=1&air=1&gnd=0&vehicles=0&gliders=0

There's a couple of issues that Chrome is complaining about:

  • Refused to set unsafe header "user-agent"
  • No 'Access-Control-Allow-Origin' header is present. This is likely not related, I am able to fix it a CORS plugin in chrome.

image

cURL for the request:

curl 'https://data-live.flightradar24.com/zones/fcgi/feed.js?bounds=53%2C52%2C13%2C14&callback=jsonp&faa=1&flarm=1&mlat=1&adsb=1&air=1&gnd=0&vehicles=0&gliders=0' -H 'origin: http://localhost:3000' -H 'accept-encoding: gzip, deflate, br' -H 'accept-language: en-GB,en;q=0.8,en-US;q=0.6,fi;q=0.4' -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36' -H 'accept: /' -H 'referer: http://localhost:3000/' -H 'authority: data-live.flightradar24.com' --compressed

@derhuerst
Copy link
Owner

derhuerst commented Nov 7, 2017
edited
Loading

when I try the same request url in a browser it works as expected. Request url is: [...]

cURL for the request: [...]

The curl command reproduces the 418 error. It is certainly a weird choice done by FlightRadar24 to return an "I'm a teapot" error on any of their public routes.

No 'Access-Control-Allow-Origin' header is present. This is likely not related, I am able to fix it a CORS plugin in chrome.

I will fix this. My code already fetches in CORS mode, so this must be your setup.

@derhuerst
Copy link
Owner

I successfully nailed it down to the Referer: http://localhost:3000/ header. Referer: http://foo.bar.horse:3000/ works fine.

@derhuerst
Copy link
Owner

Maybe we can ping someone from @Flightradar24 ?

@juiceo
Copy link
Author

juiceo commented Nov 7, 2017

Hmm, so is there a way I can hack the referer to an ok value to make it work? For my use case it would just probably be running on localhost and be displayed on a screen

@derhuerst
Copy link
Owner

derhuerst commented Nov 7, 2017
edited
Loading

FlightRadar24 may try to block unauthorised access to their API using this trick. I can set up a CORS proxy that strips the Referer at any time though to circumvent it.

I will try to set the referrer option of fetch to no-referrer. But I'm not sure it's supported in every browser.

@derhuerst
Copy link
Owner

Can you confirm it's fixed as of the current master (3eae7ab)?

@juiceo
Copy link
Author

juiceo commented Nov 7, 2017

hmm, still facing the same issue with 3eae7ab (0.2.1). Tested on chrome and firefox.

cURL:

curl 'https://data-live.flightradar24.com/zones/fcgi/feed.js?bounds=53%2C52%2C13%2C14&callback=jsonp&faa=1&flarm=1&mlat=1&adsb=1&air=1&gnd=0&vehicles=0&gliders=0' -H 'origin: http://localhost:3000' -H 'accept-encoding: gzip, deflate, br' -H 'accept-language: en-GB,en;q=0.8,en-US;q=0.6,fi;q=0.4' -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36' -H 'accept: /' -H 'referer: http://localhost:3000/' -H 'authority: data-live.flightradar24.com' --compressed

@derhuerst
Copy link
Owner

Can you show me the headers being sent? You can see them in the network inspector, when selecting the request.

@juiceo
Copy link
Author

juiceo commented Nov 7, 2017
edited
Loading

This is what you're looking for, right?

:authority:data-live.flightradar24.com
:method:GET
:path:/zones/fcgi/feed.js?bounds=53%2C52%2C13%2C14&callback=jsonp&faa=1&flarm=1&mlat=1&adsb=1&air=1&gnd=0&vehicles=0&gliders=0
:scheme:https
accept:/
accept-encoding:gzip, deflate, br
accept-language:en-GB,en;q=0.8,en-US;q=0.6,fi;q=0.4
origin:http://localhost:3000
referer:http://localhost:3000/
user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

@derhuerst
Copy link
Owner

Apparently your browser still sent the Referer header. Try again with the latest master (faf206b).

@derhuerst
Copy link
Owner

I assume this has been fixed. Please reopen if the issue still persists.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@derhuerst @juiceo