403 heartbeat within Firefox

[wadethestealth]

After cloning and installing into a temporary firefox environment using web-ext run. The plugin loads correctly but upon sending a heart beat, it gets a 403 response

sample request: {"entity":"about:preferences//undefined","type":"domain","time":"1573746245","project":"<<LAST_PROJECT>>","is_debugging":false,"plugin":"browser-wakatime/1.0.2"}

response: 403 (Forbidden) {"error":"Missing start date."}

Cookies are cleared and login is correctly registered by wakatime.

cc: @Eeems

[Eeems]

I can confirm that this is also happening for me.

@alanhamlett has the API been changed?

[wadethestealth]

@Eeems I located the api docs (https://wakatime.com/developers#heartbeats), but I see start as only a property of the get request not the post request. Is it possible the above request being logged is not the cause of the error but rather an attempted get request?

[gandarez]

@alanhamlett any idea why is it happening?

[iskigow]

I'm geting 403 too but with another error message:

request:

{
    "entity": "https://github.com",
    "is_debugging": false,
    "plugin": "browser-wakatime/2.0.1",
    "project": "CodeReview",
    "time": "1664933792",
    "type": "domain"
}

response: 403 (Forbidden)

{
    "error": "You don't have the permission to access the requested resource. It is either read-protected or not readable by the server."
}

Searching about this error I found that maybe it is related to the csrf token. One of the suggestion is add the X-CSRFToken header. I try to add it using the csrftoken cookie info, but don't works too.

[jvelezpo]

Closing this, since this was solved on v3