pokeapi icon indicating copy to clipboard operation
pokeapi copied to clipboard

Published 20 hours ago verified publisher icon PokeAPI

Page 60 of 61 if Forbidden when using pagination

Open pbldmngz opened this issue 2 years ago • 12 comments
trafficstars

I've encountered this issue specifically on one of my paginated requests:

https://pokeapi.co/api/v2/pokemon?offset=1218&limit=21 is just fine.

https://pokeapi.co/api/v2/pokemon?offset=1239&limit=21 This raises 403 - Forbidden

https://pokeapi.co/api/v2/pokemon?offset=1260&limit=21 is just fine.

Basically I created pages of 21 elements, which gives me around 61 pages. Page 60 is the only one that it seems that I cannot access. Is there some secret Pokemon there or why could this be happening?

image

This is the consumer app I was toying around with when I found out:

Originally posted by @pbldmngz in https://github.com/PokeAPI/pokeapi/issues/135#issuecomment-1551374609

pbldmngz avatar May 17 '23 13:05 pbldmngz

Does it happen consistently or only in the last few days? Might be a cache problem.

Naramsim avatar May 17 '23 15:05 Naramsim

On my side i don't get your 403, so i think it's a rare cache problem. Could you wait a few days and update us?

Naramsim avatar May 17 '23 15:05 Naramsim

That's a very odd behaviour and I think Naramsim is correct - this feels like a caching issue. There shouldn't be a reason for the 403 at all, even without a user-agent header (if you know adding a user-agent header solves it, you should use it!)

phalt avatar May 17 '23 21:05 phalt

I'm also receiving a 403 error (Forbidden) on some of the pokemon requests on my side - for example this one "https://pokeapi.co/api/v2/pokemon/yveltal" doesn't work. My site doesn't have a server, for the past month everything worked fine. It started happening yesterday.

ddmuzyk avatar May 18 '23 14:05 ddmuzyk

Or did I receive a ban of some sort by the pokeApi

ddmuzyk avatar May 18 '23 14:05 ddmuzyk

Hmmm where are you sending your API requests from? Cloudflare may be blocking you if you're sending a lot of requests.

phalt avatar May 18 '23 20:05 phalt

From Poland, although now I reduced the number of requests to the API and I don't see the problem anymore, will see if it happens again. But it wasn't a cache problem I think cause I had the same issue when requesting on my phone.

ddmuzyk avatar May 18 '23 21:05 ddmuzyk

I'm also recieving some 403 in my tests:

image

Node: lts/hydrogen OS: Ubuntu latest

Gabb-c avatar May 19 '23 00:05 Gabb-c

In our security logs on Cloudflare I can see a significant number of blocked threats (in excess of 100,000 requests) from Colombia and Brazil. This is likely triggering Cloudflare to be extra sensitive for all traffic. We should double check firebase isn't setting off these 403's though just to be sure

phalt avatar May 19 '23 01:05 phalt

Hmm, I modified some parameters in our function on GCP. Let's see if this changes something. Otherwise, the issue might be in the function's dependencies update I did the other day.

If the issue doesn't resolve I'll roll back

Naramsim avatar May 19 '23 09:05 Naramsim

After several attempts over the days, this is what I know:

  • The page that gets the 403 FORBIDDEN seems random at first, but it's consistent at least for a few minutes
  • I happens when I try to run through all the pages, so it might have to do as you say with some sort of limiter as I'm doing a lot of requests in a few seconds (60 requests for the pokemons, 21*60 for the sprites, all that from the same IP in 30 seconds)
  • I was no longer able to reproduce the issue today

pbldmngz avatar May 20 '23 11:05 pbldmngz

I had similar situations to @pbldmngz :) but the situation seems to have been fixed or at least improved. Thanks!

PauliusRap avatar May 20 '23 19:05 PauliusRap