Cyberpower678
Reputation: 168
How can I get CURL to correctly perform an HTTP/2 request?
So I am trying to query the following URL: http://mil.sagepub.com/content/17/2/227.short
Here's the situation: On a browser such as Chrome or Safari it will:
- 307 to https://mil.sagepub.com/content/17/2/227.short and then
- 301 to https://journals.sagepub.com/doi/abs/10.1177/03058298880170020901
- which returns 200
On cURL, it will:
- 307 to https://mil.sagepub.com/content/17/2/227.short
- which returns 503
So naturally, I go to Chrome and copy the request to https://mil.sagepub.com/content/17/2/227.short as a bash cURL command. I paste it into bash, and I get a 503. I try copying the Safari request to the same page as a bash cURL command, and also a 503. So seemingly two cURL requests formatted to perfectly imitate the browser request returns a 503.
On my PHP cURL options, I try and experiment with different options, but it also only returns a 503. So I have 3 different OSs and PHP's cURL library getting 503 responses, while web browsers get a 200 OK response.
Here is the outgoing request my PHP code tried to send with cURL:
GET /content/17/2/227.short HTTP/2
Host: mil.sagepub.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
authority: mil.sagepub.com
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
cache-control: max-age=0
connection: keep-alive
keep-alive: 300
accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
accept-language: en-US,en;q=0.9,de;q=0.8
dnt: 1
sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
The method that sets all of the curl options and generates the above request header is as below:
$url = "https://mil.sagepub.com/content/17/2/227.short"
$full = true
$tor = false
$httpVersion = CURL_HTTP_VERSION_2_0 // HTTP/1.1 doesn't seem to work in this page
$this->userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
$this->curlTimeoutFull = 60
protected function getCurlOptions( $url, $full = false, $tor = false, $httpVersion = CURL_HTTP_VERSION_NONE ) {
$requestType = $this->getRequestType( $url );
if ( $requestType == "MMS" ) {
$url = str_ireplace( "mms://", "rtsp://", $url );
}
$options = [
CURLOPT_URL => $url,
CURLOPT_HEADER => 1,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_AUTOREFERER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_TIMEOUT => $this->curlTimeoutNoBody,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_COOKIEJAR => sys_get_temp_dir() . "checkifdead.cookies.dat",
CURLOPT_HTTP_VERSION => $httpVersion,
CURLINFO_HEADER_OUT => 1
];
if ( $requestType == "RTSP" || $requestType == "MMS" ) {
$header = [];
$options[CURLOPT_USERAGENT] = $this->mediaAgent;
} else {
// Properly handle HTTP version
// Emulate a web browser request but make it accept more than a web browser
if ( in_array( $httpVersion, [CURL_HTTP_VERSION_1_0, CURL_HTTP_VERSION_1_1, CURL_HTTP_VERSION_NONE] ) ) {
$header = [
// @codingStandardsIgnoreStart Line exceeds 100 characters
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
// @codingStandardsIgnoreEnd
'Accept-Encoding: gzip, deflate, br',
'Upgrade-Insecure-Requests: 1',
'Cache-Control: max-age=0',
'Connection: keep-alive',
'Keep-Alive: 300',
'Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7',
'Accept-Language: en-US,en;q=0.9,de;q=0.8',
'Pragma: '
];
} elseif ( in_array( $httpVersion, [CURL_HTTP_VERSION_2, CURL_HTTP_VERSION_2_0, CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE, CURL_HTTP_VERSION_2TLS] ) ) {
$parsedURL = $this->parseURL( $url );
$header = [
'authority: ' . $parsedURL['host'],
//':method: get',
//':path: ' . $parsedURL['path'],
//':scheme: ' . strtolower( $parsedURL['scheme'] ),
// @codingStandardsIgnoreStart Line exceeds 100 characters
'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
// @codingStandardsIgnoreEnd
'accept-encoding: gzip, deflate, br',
'upgrade-insecure-requests: 1',
'cache-control: max-age=0',
'connection: keep-alive',
'keep-alive: 300',
'accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7',
'accept-language: en-US,en;q=0.9,de;q=0.8',
'dnt: 1'
];
if ( $requestType == "HTTPS" ) {
$header[] = 'sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"';
$header[] = 'sec-ch-ua-mobile: ?0';
$header[] = 'sec-ch-ua-platform: "' . $this->getRequestPlatform() . '"';
$header[] = 'sec-fetch-dest: document';
$header[] = 'sec-fetch-mode: navigate';
$header[] = 'sec-fetch-site: none';
$header[] = 'sec-fetch-user: ?1';
}
}
if ( $this->customUserAgent === false ) {
$options[CURLOPT_USERAGENT] = $this->userAgent;
} else {
$options[CURLOPT_USERAGENT] = $this->customUserAgent;
}
}
if ( $requestType == 'FTP' ) {
$options[CURLOPT_FTP_USE_EPRT] = 1;
$options[CURLOPT_FTP_USE_EPSV] = 1;
$options[CURLOPT_FTPSSLAUTH] = CURLFTPAUTH_DEFAULT;
$options[CURLOPT_FTP_FILEMETHOD] = CURLFTPMETHOD_SINGLECWD;
if ( $full ) {
// Set CURLOPT_USERPWD for anonymous FTP login
$options[CURLOPT_USERPWD] = "anonymous:[email protected]";
}
}
if ( $full ) {
// Extend timeout since we are requesting the full body
$options[CURLOPT_TIMEOUT] = $this->curlTimeoutFull;
$options[CURLOPT_HTTPHEADER] = $header;
if ( $requestType != "MMS" && $requestType != "RTSP" ) {
$options[CURLOPT_ENCODING] = 'gzip, deflate, br';
}
$options[CURLOPT_USERAGENT] = $this->userAgent;
} else {
$options[CURLOPT_NOBODY] = 1;
}
if ( $tor && self::$torEnabled ) {
$options[CURLOPT_PROXY] = self::$socks5Host . ":" . self::$socks5Port;
$options[CURLOPT_PROXYTYPE] = CURLPROXY_SOCKS5_HOSTNAME;
$options[CURLOPT_HTTPPROXYTUNNEL] = true;
} else {
$options[CURLOPT_PROXYTYPE] = CURLPROXY_HTTP;
}
return $options;
}
My question is, what am I missing here?
Upvotes: 2
Views: 4131
Answers (4)
Hadi Majidi
Reputation: 431
I had a similar problem with redirect 301. I just added and problem solved.
$ch = curl_init();
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
Upvotes: -1
Stefan Schmidt
Reputation: 3957
If the issue here actually is TLS fingerprinting then using an HTTP proxy like mitmproxy, HTTP Toolkit or NaïveProxy might be a possible workaround. For details see disscussion here and here. Another option could be to use curl-impersonate as pointed here.
Upvotes: 1
Misunderstood
Reputation: 5665
UPDATE
Last night I had not time to look at the HTML. Now that I have, it's disappointing. I've taken a little more time to look at the HTML. It is the HTML for the Cloudflare "Checking Security" message.
I retrieved the response header. And it is a 503 response.
I do not have security certificates for my curl and don't really have the time do install the now.
This one is going to be a challenge. I wish I had more time now because I like a challenge. I may work on this in the near future (weeks/months).
If you are going to continue you may need some of these curl options.
Start with CURLOPT_CAINFO / CURLOPT_CAPATH
CURLINFO_SSL_VERIFYRESULT
CURLINFO_HTTPAUTH_AVAIL
CURLOPT_HTTPAUTH the HTTP authentication method(s) to use.
CURLINFO_SSL_ENGINES
CURLINFO_CERTINFO true to output SSL certification information to STDERR on secure transfers
CURLINFO_APPCONNECT_TIME
CURLINFO_REDIRECT_COUNT -
CURLINFO_REDIRECT_URL
CURLINFO_EFFECTIVE_URL
Options
CURLOPT_UNRESTRICTED_AUTH
CURLOPT_SSLVERSION Your best bet is to not set this and let it use the default
CURLOPT_SSL_OPTIONS
CURLOPT_KEYPASSWD
CURLOPT_PINNEDPUBLICKEY
CURLOPT_SSH_PRIVATE_KEYFILE
CURLOPT_CAPATH A directory that holds multiple CA certificates
CURLOPT_CAINFO The name of a file holding one or more certificates to verify the peer with.
CURLOPT_SSL_VERIFYHOST 0 to not check the names. 1 should not be used. 2 to verify that a Common Name field
CURLOPT_SSL_VERIFYPEER false to stop cURL from verifying the peer's certificate.
CURLOPT_SSL_VERIFYSTATUS true to verify the certificate's status.
CURLOPT_CERTINFO true to output SSL certification information to STDERR on secure transfers.
CURLOPT_FRESH_CONNECT true to force the use of a new connection instead of a cached one.
CURLOPT_SSL_ENABLE_NPN
CURLOPT_SSL_ENABLE_ALPN
CURLOPT_SSL_FALSESTART true to enable TLS false start
CURLOPT_SSH_AUTH_TYPES
CURLOPT_LOGIN_OPTIONS
CURLOPT_SSL_CIPHER_LIST
CURLOPT_SSLCERTPASSWD
CURLOPT_SSLKEY
CURLOPT_SSLENGINE
CURLOPT_SSLKEYPASSWD
CURLOPT_SSLKEYTYPE
CURLOPT_SSL_CIPHER_LIST
CURLOPT_SSH_PRIVATE_KEYFILE
These are the SSL security error codes.
CURLE_SSL_CONNECT_ERROR (35)
CURLE_SSL_ENGINE_NOTFOUND (53)
CURLE_SSL_ENGINE_SETFAILED (54)
CURLE_SSL_CERTPROBLEM (58)
CURLE_SSL_CIPHER (59)
CURLE_PEER_FAILED_VERIFICATION (60)
CURLE_SSL_ENGINE_INITFAILED (66)
CURLE_LOGIN_DENIED (67)
CURLE_SSL_CACERT_BADFILE (77)
CURLE_SSH (79)
CURLE_SSL_CRL_BADFILE (82)
CURLE_SSL_ISSUER_ERROR (83)
CURLE_SSL_PINNEDPUBKEYNOTMATCH (90)
CURLE_SSL_INVALIDCERTSTATUS (91)
CURLE_AUTH_ERROR (94)
CURLE_SSL_CLIENTCERT (98)
Response Headers
HTTP/2 503
date: Fri, 07 Oct 2022 23:36:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referer-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=ephtbgHn7LX95.n_3NjMptBv8PFRRJP_6xtBw_9Ci0A-1665185780-0-ATjw+AOJfmTzUGIfBhlg8p6scov6AoznbSauiS3ofTN6KYEebpn4p+k3lU+5l6zZRwENm0kYDHa9zptcfePujs8=; path=/; expires=Sat, 08-Oct-22 00:06:20 GMT; domain=.sagepub.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 756a755a18e95e68-TPA
End of Update
I tried the curl below and it appeared to work.
When I used this header it did not work.
header("Content-Type: text/html; UTF-8");
Notice the header() below.
<?php
header("Content-Type: text/plain; UTF-8");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://journals.sagepub.com/doi/abs/10.1177/03058298880170020901');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'User-Agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0',
'Accept' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8',
'Accept-Language' => 'en-US,en;q=0.5',
'Accept-Encoding' => 'gzip, deflate, br',
'DNT' => '1',
'Connection' => 'keep-alive',
'Upgrade-Insecure-Requests' => '1',
'Sec-Fetch-Dest' => 'document',
'Sec-Fetch-Mode' => 'navigate',
'Sec-Fetch-Site' => 'cross-site',
'Pragma' => 'no-cache',
'Cache-Control' => 'no-cache',
]);
curl_setopt($ch, CURLOPT_COOKIE, 'JSESSIONID=aaaf4hNAtZPHz_3k0KSoy; SERVER=lZreQKWihabND4/rEplMDWnYKk2egCfX; __cf_bm=PzjJU2qBrjwilfLqClzWC.zRk49hsY6b7e4F8WtMiMA-1665105299-0-AYf2x4A2SmmdyIQGUHAY0jdkGZtI3qyt3W48WENOL6tGZLEYJ/IqcD5GAWn10V5J+khYliOD7yhKrtVlGXwpawI=; MAID=cqVoyumi6JY4MYyiVyj//w==; MACHINE_LAST_SEEN=2022-10-06T18%3A15%3A00.400-07%3A00; usprivacy=1Y--');
$response = curl_exec($ch);
echo $response;
This is the response
<!DOCTYPE html>
<html lang="en-US">
<head>
<title>Just a moment...</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
<meta name="robots" content="noindex,nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link href="/cdn-cgi/styles/challenges.css" rel="stylesheet" />
<meta http-equiv="refresh" content="35">
</head>
<body class="no-js">
<div class="main-wrapper" role="main">
<div class="main-content">
<h1 class="zone-name-title h1">
<img class="heading-favicon" src="/favicon.ico"
onerror="this.onerror=null;this.parentNode.removeChild(this)" />
journals.sagepub.com
</h1>
<h2 class="h2" id="challenge-running">
Checking if the site connection is secure
</h2>
<noscript>
<div id="challenge-error-title">
<div class="h2">
<span class="icon-wrapper">
<div class="heading-icon warning-icon"></div>
</span>
<span id="challenge-error-text">
Enable JavaScript and cookies to continue
</span>
</div>
</div>
</noscript>
<div id="trk_jschal_js" style="display:none;background-image:url('/cdn-cgi/images/trace/jsch/nojs/transparent.gif?ray=7562d7b24c405e68')"></div>
<div id="challenge-body-text" class="core-msg spacer">
journals.sagepub.com needs to review the security of your connection before proceeding.
</div>
<form id="challenge-form" action="/doi/abs/10.1177/03058298880170020901?__cf_chl_f_tk=2isUlGhlWW3V2j9Kjj8DwMFDI2e5zBKVHQMe3nobTys-1665105922-0-gaNycGzNCOU" method="POST" enctype="application/x-www-form-urlencoded">
<input type="hidden" name="md" value="PQaRto6SpdNW5tB2CzRq9tnhClVf9vWYghzKuRjDWOQ-1665105922-0-AeraO7jbF6VbQcW0RvUhPT1qfbCcUTYiREg7FWQynA4OVtiTbls-NlCSXpbPLK_-bVRyI6_Wphk1k1XY_lxg0MVXMZ2tT5RmeYGnJYD5T-de61VfREEcZtpE5oaFnFmWVY38q9TYjq1CllDiszTadCdO-j4yvW51pLjc-LT8Z4OIHRgA1TG92oykPVkBoKgUcuUVGpZhsklb5S7Mz5h31OlmT8X_oMpHigkNwFWCVnuxl5_6FePRATc-hGFOYs6YFMu6P2GlAOigwfjRBmYi1ftmoQqBXK7wmb9HHmzrz1_BurTIQMFZyL-GExcvzgMud539jGN1mhQMiEfA44cezwbDBCp_TZLvF0l4_jx6ON49_M1aKzD3uM0Y7AO7WY7RnoED4ljPYcBvOQJyIF0QY_LLCZPoApA2pP4ku8J3uHa1ziS_fL6vOJD-cEkHMKMEFWMoOYCNYVQg1z_x0k7Pj2O_7svXqMyqk990LloFkmezlHPnw7k58EE8A8-KZavGjKAZnVKI4nZ5Kgr1ng8IDwsk64EiblwOTmvQoGBDObBxNI5QKmHY1of7zyaSlv233SzrJpn1JMP8o1gqtIVkQKTsV5cz8RQ59Zdrfc30zJhtc0R4REKiX7KaQ6hfmoZQLkuocj_TIF1cFYcF_UD_sl1gqV4pKejaZXtYc-zScMFCQBBPlgRIN3z2QD47WFCBR8-AQWgq2mkxE8GvbfwgoBw" />
<input type="hidden" name="r" value="4ga_OQoCt0ZP_Qytdr9ME00oPYmCHboqWnNiiVPIL4o-1665105922-0-AQ5V/dQHa2NaMlQDJ3v4D9IAB2MuFm30IpZKei7Z4tI9fCuFXT0VWdD+l9FshGYx5YBz5u86Ym5/ZKwJaw3A93MqGZzKysYqp2BUPENx8Tbm0XGZpI0s6SBb+AgVwnSbe0uKK28RBHYsTCTA2JX0Op5rWLvJT0o7G0UBkwBjoBwBYUGB4zcrPpGUBFZW4izVLm4kSdkkpKs7/n3/1nvIIfmEWBCm1Z6IoLhPFIan4aKMhymO96qSKt25TAhtBzNt/dv/r9iTb06EGlsF3r2CEUmlDP1VBjo9jYqIEiR9/5tiifCQ52JKHJZmOLuH0lqwicWNISfCvhrzMtdWKpUW3hSCnSNlSIr6x0H+ny4NFK8hg0y/b1Y4oFsqG9h4mXK9QDojLMiK4kK6/yz1a3snUe58xad4x8McL6JlqHFFUWzWxrs1IfQpUFBUSYnD12h0h00QyErge5qIb1ufZpaz/M+hiODNQhsj0NQPsWjrZ6RW0RAElJhgWn3/gLa/+BEuWxQc/raT6pxjNiMZLPAYV/H5B7q5hp2LBFBBaK4rH3QHxxunPlyrYAyPI9ke7Hqhwceliv31viTrVOuHeqkpw1zenp/6gz6N4ZdQqEMY/G2/5/cXsUSIPaAoB2TNYWcHJchtCJ8ANeikiNw7Wopo8CB54D48zrkYtu9Me3FMVBuPMNonvZy/uHnPGqqd67yYcR4ZqN0ceol85dYitQbExdz3Atr7civtdDD5Peu9ToRRpM+Jq1cKt9m8cLuNldf8WEIR7il1ugLhV4f8Q2xG/AuB1S2WoDwx5RqrUf2XWPdo3DVuk/W1+5wN/TWp0wMiiwk1xYk5LwReuP+YilaIkkPnJIAEUCpkR+/e0pHS/ceUu4Khx7X1Fw/WTTITU+bJ+3cUmvV9Vc1IEluULfeuBWylZ3fsW7qfeBIaJA6/1KtJFXPD7ggh0dees5jQrk0t2k0BkbCGcHsKS1PKL86BM5IzQAs5jk9bzxJC13J91iCB09kj7+gHnbvSniAw+luNAFZEQ1Ipt239rMWmSeSrDrQA/TyuETkl5WLvLY6LOYgmb6JQDRLtacWeqPt7U45e5OsCpUrdWcwTQR1K1yHh/DY8e9627S7ZhWpBcOPbfsvO9JOkTJqn2am/TWa2V0VbSNSHvdW2WmNnz8yLXTlo5L+QzGFTf06ywJV7luXHaTRAskV6qsaTl/5oYPmG+oH5sffEo8jr+xZ6iRYbgDMAn1Bo3O3IgFKidTpGcQ7GBfkBcvP2NUpqVq41rcHnmgyDLrru1Zi5ZTFir4iw7JMOYw9YNNw0Qy4iCLiFdFpuQaBjJC0faS890a+jjnsQvf9el/aDgrXkrGWlgvUn4EITE5Jc5b2XIm15DKCOqLJEdojUAgKdoxrQxoYYxsLVlbN8/eRB8Cuxus/BGH3Kxhbf3w8moEnyrvh+ZjzuSiEaYZYJx7I1mTJbLSdUyp74w5exEyX7U3h+1PCT4nd2tY5cS5teMVxmu+Q3Q8UFe7fsN49eMaGh1ggLScCH0zZtnt5Oms6lehrg8WfFdiaWWEvLTLEExO61IsGIWnWxcbh/cY1qeiD5E2W3RYei+XTsRb5kwFKilD248c159QJCepcGM0YZL7Ax6o0Bw4z5iDc+P5tJZN1qBIful2NJ40FF4jM+oDwf+8AzsxNilVoubBZvpB3qunvjMavbw3GoBPIDGi8gn19JznYK1Ccq+p/OAysjqpONhwB5vihBskpp6c5UZMIMXxGkfxGfKBzhO+JE/hvPvT9d4e/QpjOIBBT9tEIaSfatD1SBhVOR/n+qTCm0cEzJSfby6juHsIGi5lCBgIcngT5zx1bIFcDlxTBcFerq1W4sB61W0XFBgfj8z4uymavOlU5wnm8+y7yA0cHtZBfH08yqhg4zTKrM4iXzdfqmkqaYbxMT1x8unIezyqYCSvprrsYWmgNBlaDjDwvgAGGR9EPVg8LNDd9vA7F+zwNrVuHlwMB4XBRGoEUFd/3LAr5agzDY5fqqAVd3p2T6gHAVBOcaTPZHzNMuOdCQucaWq/keg9x3raSCFQcEXRMaS63uMB7tkScU+V8AAMooLVY+5Cc801G6pHfT8g/O4Ykd7hpQIFysIzRzYn4tzZzR/kXPLNZw+ISkbArswMfw12ICoChRWiWkoe8GB/bCUuplxv0K4GDaxZLzcrrKYyo73g4+EAMCJl3LapBmso6dEo1J"/>
</form>
</div>
</div>
<script>
(function(){
window._cf_chl_opt={
cvId: '2',
cType: 'non-interactive',
cNounce: '61335',
cRay: '7562d7b24c405e68',
cHash: '10218f759e4ab19',
cUPMDTk: "\/doi\/abs\/10.1177\/03058298880170020901?__cf_chl_tk=2isUlGhlWW3V2j9Kjj8DwMFDI2e5zBKVHQMe3nobTys-1665105922-0-gaNycGzNCOU",
cFPWv: 'b',
cTTimeMs: '1000',
cTplV: 4,
cTplB: 'cf',
cRq: {
ru: 'aHR0cHM6Ly9qb3VybmFscy5zYWdlcHViLmNvbS9kb2kvYWJzLzEwLjExNzcvMDMwNTgyOTg4ODAxNzAwMjA5MDE=',
ra: '',
rm: 'R0VU',
d: 'hUB8qW1/Rbwx33YUzcVMTqUu+pyyMH1g4rZFyeT71nouHfNa/kZzFRdfCTOxboH8qp84VRepH5UjSKXMIbGKvMYDMxYCMhms0yymP/QQVIWQyGHD19wnRWegLpiSX4mWkM/LS30eF/16qC+eEte4h6V1m/FL2qCQXsFqA9bhdq8v5IZ8soop1L7Mpzr6cCI/7rE4kJrxYtSBsrAdBN+zf9uZQpKszC1++hNaGtkek7bSSe5Ouuq6ilnV1PY+uC5bpilAe4B7rDxtBabC6JKwQ79AobM0TqDR99geXWC/ratOOAJHek7aV0bq3wdLJywqaCRNQ731sg/oLws049U9s9xh93wz8hlpAXqZQ7v/hItjco/USW4JsmwHidUFLWBM1d7HSLLVFdGSw7rAs9QG0mRv22jNCwH2A2PPlW0vQJKZ8VBwJjbL6a3oPXkDsp7l9UhV7a7Fu2gP/+vErmH7JsbWj+4thWgCSGhCwRiUuX1R1yvoMM+PE3WbV1Mg3UZeshibgBXZXzoxN+KEk9QXa9mL2FBqEc0m5k73uNgvl5PlpDCQLkXW1edTJFpwgxUqoNl/Cv2DbT8o9gyhxVcvmg==',
t: 'MTY2NTEwNTkyMi45NDIwMDA=',
m: 'uhMFR0Zz2KvO1IklAUNSaC4Dp7dCmCc5//+PPZeITRY=',
i1: '00a08NzJ+5CkmeYGE9ULuA==',
i2: '05tMwHIIyy7WJUV2JWbeXA==',
zh: 'gw7YMdbZ1M4iQ6cbqLPC730Ml6kaQ+3i4OTRjaElasU=',
uh: 'DV4j3Tmrbi5Rs1q3ahwVS6SgbPbI7np5884QO1u1Cgg=',
hh: 'c9ogzZPyf3xtUVOiYSAQbEsbym/d5b1rPQM2Rm/OUTE=',
}
};
var trkjs = document.createElement('img');
trkjs.setAttribute('src', '/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7562d7b24c405e68');
trkjs.setAttribute('style', 'display: none');
document.body.appendChild(trkjs);
var cpo = document.createElement('script');
cpo.src = '/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7562d7b24c405e68';
window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;
window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, -window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;
if (window.history && window.history.replaceState) {
var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;
history.replaceState(null, null, "\/doi\/abs\/10.1177\/03058298880170020901?__cf_chl_rt_tk=2isUlGhlWW3V2j9Kjj8DwMFDI2e5zBKVHQMe3nobTys-1665105922-0-gaNycGzNCOU" + window._cf_chl_opt.cOgUHash);
cpo.onload = function() {
history.replaceState(null, null, ogU);
};
}
document.getElementsByTagName('head')[0].appendChild(cpo);
}());
</script>
<div class="footer" role="contentinfo">
<div class="footer-inner">
<div class="clearfix diagnostic-wrapper">
<div class="ray-id">Ray ID: <code>7562d7b24c405e68</code></div>
</div>
<div class="text-center">Performance & security by <a rel="noopener noreferrer" href="https://www.cloudflare.com?utm_source=challenge&utm_campaign=j" target="_blank">Cloudflare</a></div>
</div>
</div>
</body>
</html>
Using header("Content-Type: text/html; UTF-8"); I got this:
Upvotes: 1
Cyberpower678
Reputation: 168
Unfortunately, this appears to be CloudFlare using TLS fingerprinting to distinguish cURL requests from actual browsers. There doesn't likely exist a means to work around this. Please correct me if I'm wrong here.
Upvotes: 1
Related Questions
- PHP CURL & HTTPS
- Make HTTP/2 request with PHP
- CURL HTTP2 request
- Can't send HTTP/2 request with curl
- HTTP2 with CURL gives "Unsupported Protocol"
- How to force CURL to ask for http/1.1? Or maybe there's another issue, not sure
- PHP7, HTTP2 with cURL
- Using curl instead of http request 2 in PHP
- Curl SSL Request 400 Bad Request
- Getting cURL to work in PHP with HTTPS