I don't quiet understand what I am missing. If I open a new browser, cleared of all cookies, cache, everything, and go to this an api endpoint for a specific site ("api.site.com/data?key=my_key"), I get a proper 200 response with data returned. I go to dev tools in my browser, copy every header sent with that request and include it in my request:
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
"Accept-Language": "en-US,en;q=0.5",
"Accept-Encoding": "gzip, deflate, br",
"Connection": "keep-alive",
"DNT": "1",
"Host": "api.site.com",
"Upgrade-Insecure-Requests": "1",
"Sec-Fetch-Dest": "document",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-Site": "none",
"Sec-Fetch-User": "?1"
}
r = requests.get("api.site.com/data?key=my_key", headers=headers)
print(r.status_code)
Return status code is 403 though and I get a cloudflare 1020 error. What else am I missing that allows cloudflare to distinguish between these two requests? The headers are identical, it's a simple get request, no cookies are being sent either.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.