Question posted in 
I was just trying to make covid vaccine alert using Cowin Setu API (India) in nodejs. But I am facing some strange thing, whenever I hit get request I got 403 response code from cloudfront says ‘Request Blocked’ but the same is working from postman as well as from browser. Please help me in this
Getting this error:-
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD><BODY>
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Request blocked.
We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
<BR clear="all">
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID: Q1RZ94qgFp6AjUUKE4e9urMB85VejcqMbaJO6Y8Xq5Qp4kNjDBre9A==
</PRE>
<ADDRESS>
</ADDRESS>
</BODY></HTML>Here’s my nodejs code:
var express = require("express");
var app = express();
var bodyParser = require("body-parser");
const axios = require("axios");
const { Telegram } = require("telegraf");
const fetch = require("node-fetch");
var cors = require('cors');
var request=require('request');
const tg = new Telegram(process.env.BOT_TOKEN);
const bot = new Telegram(process.env.BOT_TOKEN, {
polling: true
});
//bot.start((ctx) => ctx.reply('Welcom to Covid Vaccine Finder'))
/*bot.hears("about", ctx => {
ctx.reply("Hey, I am CoviBot!");
});
bot.launch();*/
app.use(bodyParser.json());
app.use(cors());
app.use(
bodyParser.urlencoded({
extended: true
})
);
app.get("/", function(req, res) {
res.send("Welcom to Covid Vaccine Finder");
});
app.get("/test", function(req, res, next) {
var d = new Date();
var options = {
year: "numeric",
month: "2-digit",
day: "2-digit"
};
var date = String(d.toLocaleDateString("en", options));
date = date.replace(///g, "-");
console.log(date);
const URL =
"https://cdn-api.co-vin.in/api/v2/appointment/sessions/public/findByPinpincode=110088&date=13-05-2021";
var options = {
url: URL,
method: 'GET',
headers: {
'Accept-Encoding': 'gzip, deflate',
'Accept-Language': 'en-GB,en;q=0.8,en-US;q=0.6,hu;q=0.4',
'Cache-Control': 'max-age=0',
Connection: 'keep-alive',
Host: 'cdn-api.co-vin.in',
'User-Agent': 'request',
}
};
request(options,function(err,res,body){
let json = body;
console.log(json);
});
const txt = "Finding vaccine centres for you....";
//tg.sendMessage(process.env.GROUP_ID, txt);
res.send(txt);
});
// Finally, start our server
app.listen(process.env.PORT, function() {
console.log("Covid app listening on port 3000!");
});
I hope this problem will solve
Thanks
8
Answers
Use following
I added a
user-agentheader to the request so that the API would recognize that my request is coming from a browser, rather than a script.You have to use User Agent Identifier API
Please refer this
https://devcenter.heroku.com/articles/useragentidentifier#using-with-python
You have to make your request in the following format, I am attaching sample format for states metadata API:
curl –location –request GET ‘https://cdn-api.co-vin.in/api/v2/admin/location/states’ –header ‘Accept-Language: hi_IN’ –header ‘Accept: application/json’ –header ‘User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36’
Try These Headers They worked for me on local server (not production)
These will not work in production because Cowin APIs are geofenced and can’t be accessed from IP address other than Indian. In most free hosting sites like Heroku, Indian IP is not an option. So alternative solution might be to use AWS, GCP, Azure with an Indian server (not tried yet).
Reference – https://github.com/cowinapi/developer.cowin/issues/228
Its not about the request user-agent or format. I faced the same issue and further testing proved cloudFront is blocking the IP if multiple requests are coming from same IP back to back. Its also unblocking after couple minutes.
Basically they don’t want these alerting this, probably its overloading their server.
It seems the api is blocked from using outside India. Try to combine some Indian proxy/use in Indian server
Ok if you want to work local you can use
Now if you want to deploy to Heroku or firebase, then it will return 403, I think it’s mostly that they are blocking any IP hit outside from Indian server.
Github link: https://github.com/manojkumar3692/reactjs_nodejs_cowin
I Will keep you posted here