AlexSakai06

Reputation: 140

axios.get() error: true with 403 error code?

I called a third-party API in Node.js (Magic Eden on the Solana blockchain), but a 403 error was returned.
It does not have any UI; it's just an API function call!
The log showed 'isAxiosError: true'.
The API call is performed with the GET method.
So I entered the request URL in the browser, and a successful result was shown.
I mean the URL returns a successful result in the browser, but with an axios.get() request it failed.

'Error: Request failed with status code 403
at createError (..\createError.js:16:15)
at settle (C:\workspace\solana-wallet-nft-track-secondary_market\node_modules\axios\lib\core\settle.js:17:12)
at IncomingMessage.handleStreamEnd (C:\workspace\solana-wallet-nft-track-secondary_market\node_modules\axios\lib\adapters\http.js:293:11)
at IncomingMessage.emit (node:events:402:35)
at IncomingMessage.emit (node:domain:475:12)
at endReadableNT (node:internal/streams/readable:1343:12)
at processTicksAndRejections (node:internal/process/task_queues:83:21) {
config: {
transitional: {
  silentJSONParsing: true,
  forcedJSONParsing: true,
  clarifyTimeoutError: false
},

headers: {
  Accept: 'application/json, text/plain, */*',
  'Access-Control-Allow-Origin': '*',
  'User-Agent': 'axios/0.24.0'
},
method: 'get',
url: 'https://api-mainnet.magiceden.io/rpc/getGlobalActivitiesByQuery?q={"%24match"%3A{"txType"%3A"initializeEscrow"%2C"blockTime"%3A{"%24gt"%3A1643376700}}%2C"%24sort"%3A{"blockTime"%3A-1}}',
data: undefined
},

...
},
response: {
status: 403,
statusText: 'Forbidden',
headers: {
  date: 'Fri, 28 Jan 2022 13:33:20 GMT',
  'content-type': 'text/html; charset=UTF-8',
  'transfer-encoding': 'chunked',
  connection: 'close',
  'cf-chl-bypass': '1',
  'permissions-policy': 'accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()',
  'cache-control': 'private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0',
  expires: 'Thu, 01 Jan 1970 00:00:01 GMT',
  'x-frame-options': 'SAMEORIGIN',
  'expect-ct': 'max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"',
  server: 'cloudflare',
  'cf-ray': '6d4a978a9f812059-NRT',
  'alt-svc': 'h3=":443"; ma=86400, h3-29=":443"; ma=86400'
},
config: {
 
},
request: <ref *1> ClientRequest {
  _events: [Object: null prototype],
  _eventsCount: 7,
  _maxListeners: undefined,
  outputData: [],
  outputSize: 0,
  writable: true,
  destroyed: false,
  _last: true,
  chunkedEncoding: false,
  shouldKeepAlive: false,
  maxRequestsOnConnectionReached: false,
  _defaultKeepAlive: true,
  useChunkedEncodingByDefault: false,
  sendDate: false,
  _removedConnection: false,
  _removedContLen: false,
  _removedTE: false,
  _contentLength: 0,
  _hasBody: true,
  _trailer: '',
  finished: true,
  _headerSent: true,
  _closed: false,
  socket: [TLSSocket],
  _header: 'GET /rpc/getGlobalActivitiesByQuery?q=%7B%22%24match%22%3A%7B%22txType%22%3A%22initializeEscrow%22%2C%22blockTime%22%3A%7B%22%24gt%22%3A1643376700%7D%7D%2C%22%24sort%22%3A%7B%22blockTime%22%3A-1%7D%7D HTTP/1.1\r\n' +
    'Accept: application/json, text/plain, */*\r\n' +
    'Access-Control-Allow-Origin: *\r\n' +
    'User-Agent: axios/0.24.0\r\n' +
    'Host: api-mainnet.magiceden.io\r\n' +
    'Connection: close\r\n' +
    '\r\n',
  _keepAliveTimeout: 0,
  _onPendingData: [Function: nop],
  agent: [Agent],
  socketPath: undefined,
  method: 'GET',
  maxHeaderSize: undefined,
  insecureHTTPParser: undefined,
  path: '/rpc/getGlobalActivitiesByQuery?q=%7B%22%24match%22%3A%7B%22txType%22%3A%22initializeEscrow%22%2C%22blockTime%22%3A%7B%22%24gt%22%3A1643376700%7D%7D%2C%22%24sort%22%3A%7B%22blockTime%22%3A-1%7D%7D',
  _ended: true,
  res: [IncomingMessage],
  aborted: false,
  timeoutCb: null,
  upgradeOrConnect: false,
  parser: null,
  maxHeadersCount: null,
  reusedSocket: false,
  host: 'api-mainnet.magiceden.io',
  protocol: 'https:',
  _redirectable: [Writable],
  [Symbol(kCapture)]: false,
  [Symbol(kNeedDrain)]: false,
  [Symbol(corked)]: 0,
  [Symbol(kOutHeaders)]: [Object: null prototype]
  },
  data: ''
  isAxiosError: true,
  toJSON: [Function: toJSON]

Upvotes: 3

Views: 4913

Answers (1)

T.J. Crowder

Reputation: 1075567

The resource you're trying to use does a fairly subtle thing:

  • It returns a 403 (Forbidden) response with HTML showing an error page.
  • The custom HTML has embedded, obfuscated JavaScript that does some things (presumably to protect the target from DDoS attacks and the like) and then replaces the current page with the response you actually want (via history.replaceState).

A browser with JavaScript enabled will run the JavaScript on the error page and replace it so quickly you don't really notice. But axios just returns the error page to your code.

This appears to be done via Cloudflare. It may be for bot-prevention or similar. I'm sure we've all seen that "Cloudflare is checking your browser..." page that appears sometimes before the real thing we requested appears. This would seem to be in a similar category.

Upvotes: 3
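A diagnostic sketch for the situation described in the answer, added here as an example and not part of the original post: it inspects an axios error object to tell a 403 issued by the CDN's challenge page apart from a 403 issued by the API itself, and flags response-only headers that were sent on the request. The function name `classify403` and its result fields are hypothetical; the header names are the ones visible in the question's dump.

```javascript
// Added example. Header names come from the response dump in the question;
// classify403 and its result fields are hypothetical names.
function classify403(err) {
  const res = err && err.response;
  if (!res) return { kind: 'no-response', evidence: [], misplacedRequestHeaders: [] };

  // Normalise header names so hand-built objects behave like Node's lower-cased ones.
  const h = {};
  for (const [k, v] of Object.entries(res.headers || {})) h[k.toLowerCase()] = String(v);

  const evidence = [];
  if (/cloudflare/i.test(h['server'] || '')) evidence.push('server: cloudflare');
  if (h['cf-ray']) evidence.push('cf-ray');
  if ('cf-chl-bypass' in h) evidence.push('cf-chl-bypass');
  const fromEdge = evidence.length > 0;
  const isHtml = /^text\/html/i.test(h['content-type'] || '');

  // Access-Control-Allow-* are response headers; sent on a request they change nothing.
  const reqHeaders = (err.config && err.config.headers) || {};
  const misplaced = Object.keys(reqHeaders).filter((k) => /^access-control-allow-/i.test(k));

  let kind = 'other-http-error';
  if (res.status === 403) kind = fromEdge && isHtml ? 'edge-challenge' : 'api-forbidden';
  return { kind, evidence, misplacedRequestHeaders: misplaced };
}

// Constructed sample: a subset of the fields shown in the question's error dump.
const sampleError = {
  isAxiosError: true,
  config: { headers: { Accept: 'application/json, text/plain, */*',
                       'Access-Control-Allow-Origin': '*',
                       'User-Agent': 'axios/0.24.0' } },
  response: { status: 403, statusText: 'Forbidden', data: '',
              headers: { 'content-type': 'text/html; charset=UTF-8',
                         'cf-chl-bypass': '1', server: 'cloudflare',
                         'cf-ray': '6d4a978a9f812059-NRT' } },
};

console.log(classify403(sampleError));
```

An `edge-challenge` result means the body is the CDN's HTML interstitial rather than the API's JSON, so it should be logged as a blocked client and not parsed or treated as a credentials failure.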
