Use browser-like order of http headers to avoid triggering bot detections#3552
Merged
Grotax merged 2 commits intonextcloud:masterfrom Feb 9, 2026
Merged
Use browser-like order of http headers to avoid triggering bot detections#3552Grotax merged 2 commits intonextcloud:masterfrom
Grotax merged 2 commits intonextcloud:masterfrom
Conversation
…parameter for guzzle Signed-off-by: Wolfgang <github@linux-dude.de>
wofferl
added
3. to review
API
Grotax
approved these changes
Feb 8, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
Adjusts the backend HTTP client configuration (Guzzle) used by the News app’s fetchers to better mimic browser request header ordering (notably ensuring User-Agent precedes other headers) and to correctly apply the max-redirect limit after the Guzzle 7 option change—aiming to reduce 403/bot-detection blocks (e.g., Reddit).
Changes:
- Introduce a
defaultConfigand merge it with the provided$configto control header insertion order and provide consistent defaults. - Ensure
User-Agentis present by default and merged ahead of other headers. - Switch redirect limiting from the legacy
redirect.maxkey to Guzzle 7’sallow_redirects['max'].
Signed-off-by: Wolfgang <github@linux-dude.de>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
It seems that the fix #3533 now triggers bot detections like on reddit.com which now gets again "403 denied".
This PR makes sure that the headers are browser-like and, as before, with the User-Agent before other headers.
It also fixes the max redirect option which changed with guzzle 7.
Checklist