
fix cloudflare 403 with curl_cffi

Open bjia56 opened this issue 9 months ago • 4 comments

Cloudflare frequently returns a 403 on the Arlo login, which to the best of my understanding is decided on client heuristics, i.e. if a client is determined with some confidence to not be a browser, the request is blocked. One of the heuristics used is the TLS fingerprint of the client. The curl_cffi project aims to enable Python scripts to bypass this TLS fingerprinting check through creating TLS handshakes that are identical to a real Chrome browser. This is accomplished through the use of the curl-impersonate project, which compiles curl with the exact TLS/SSL libraries used by Chrome and Firefox.

We have seen reasonable success in using this option over cloudscraper in the Scrypted home automation project. A caveat is that curl_cffi exposes a requests-like API, but does not implement the full API; therefore, curl_cffi is only used for the initial login, and subsequent requests fall back on requests so sseclient can continue working. Arlo appears to be happy with just the token in the header, and performs no additional TLS fingerprinting checks after login succeeds.

Note that this is not tested comprehensively, since I do not use this version of the arlo library.

Fixes #204

bjia56, Sep 16 '23 22:09