When I send a plain GET request with Postman this takes about 228ms consistently and yields a json response. As you can see I disabled cookies and headers in the request to have the exact same request. The generated curl seems to confirm this. Please have a better look at my first 2 screenshots of Postman for proof (I would doubt me as well). No headers at all, even in de 2nd image of the debug console you’ll see no headers should be sent.
When I try the same thing with PhpStorm’s HTTP client
I get a timeout (except for 1 time which worked after 30 seconds)
Same thing in code:
$result = Http::timeout(10)
->get('https://mobileapi.jumbo.com/v17/products');
dump($result->body());
Making the request in curl
is even weirder:
So we have 3 different responses for seemingly the same request:
- Postman: fast response (< 400ms) with expected body
- both PhpStorm and php code: timeout even with more that 10 seconds of allowed time
- curl request generated by Postman: Access Denied
Update
Found a solution to my problem, but the reason why Postman works without it still baffles me: A User-Agent header containing exactly "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0" works. However as you can see in above screenshots I don’t send this header in Postman and there it works without. This question as to why this happens still stands.
2
Answers
It’s often due to some subtle differences in the way the requests are being sent or received. Here are some possible reasons:
Headers: Postman might automatically include headers that PhpStorm, Laravel, or curl don’t.
SSL/TLS configurations: If the server uses HTTPS, the SSL/TLS setup could cause differences.
Proxies: Differences in proxy settings across the clients could affect the results.
Cookies: Ensure cookies are truly disabled in all clients.
It’s important to compare the actual requests being sent in each client to identify any discrepancies.
One other possible reason can be Firewall Settings
Postman has a default User-Agent that it sends with every request (temporary headers) if you don’t specify a different one. This is likely why you’re able to make the request in Postman without explicitly setting the User-Agent header. The api endpoint probably recognizes Postman’s default User-Agent and allows the request.
You could try to enable the header in the header section but leave the value field blank. This will override the temp headers set by postman.
PhpStorm’s built-in HTTP client does not automatically add a User-Agent header to the requests. If you want to include a User-Agent header, you need to add it manually to your request.
The api endpoint probably requires some headers to be set, otherwise it will block the request.