[14:33:03]
<m606> Hello, working on the security.toml autofill script... Would you have a guess why using python requests doesn't work with this API URL (getting a 403 Forbidden error) whereas opening the URL in the browser works as well as `curl "$url"` ?
I've tried with various headers too but it doesn't help.
```python
import requests
headers = {
# ~ 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0',
# ~ "Accept": "application/json, text/plain, */*",
# ~ "Accept-Language": "en-US,en;q=0.5",
# ~ "Accept-Encoding": "gzip, deflate, br",
# ~ "Referer": "https://euvdservices.enisa.europa.eu/",
# ~ "Origin": "https://euvdservices.enisa.europa.eu",
}
url = 'https://euvdservices.enisa.europa.eu/api/search?fromScore=4&toScore=10&fromDate=2025-12-10&toDate=2025-12-23&vendor=&product=gogs&page=0&size=100'
try:
response = requests.get(url, headers)
if response.status_code == 200:
data = response.json()
print(data)
else:
print('API error:', response.status_code, response.text)
except requests.exceptions.RequestException as e:
print('API error:', e)
```
[14:33:39]
<m606> API doc says:
```
Endpoint: /api/search
Method: GET
Authentication: No authentication required
Request Headers: No custom headers
Request Body: Not applicable
Response Size Limit: Maximum 100 records per request
```
https://euvd.enisa.europa.eu/apidoc
[15:36:41]
<Aleks (he/him/il/lui)> merf it works with curl too wtf
[15:39:26]
<Aleks (he/him/il/lui)> spoofing the user agent is not enough 🤔
[18:39:35]
<m606> for some reason below code works so I'll go with it. Although I don't really get why the previous one doesn't work.
That not only the user agent (in previous code, this user agent does not help) although a custom user agent (this one or another) is required in this code (without it won't work). That's quite strange considering the extract of the official documentation shared above, but a [spoofed user agent seems required](https://github.com/cku-heise/euvd-api-doc/blob/main/README.md#return-codes) (it can't be `python-requests`)
```python
# Define the retry strategy
retry_strategy = Retry(
total=10, # Maximum number of retries
backoff_factor=4,
status_forcelist=[429, 500, 502, 503, 504], # HTTP status codes to retry on
)
# Create an HTTP adapter with the retry strategy and mount it to session
adapter = HTTPAdapter(max_retries=retry_strategy)
# Create a new session object
session = requests.Session()
session.mount('http://', adapter)
session.mount('https://', adapter)
euvd_url = "https://euvdservices.enisa.europa.eu/api/search"
payload = {
"fromScore": '4',
"toScore": '10',
"page": '0',
"size": '100',
"fromDate": '2025-12-10',
"toDate": '2025-12-23',
"vendor": '',
'product': 'gogs'
}
headers = {
"User-Agent": "curl/7.54.1"
}
# Get page 1
req = session.get(euvd_url, params=payload, headers=headers)
response = req.json()
results = response["items"]
print(results)
```
[18:40:35]
<m606> for some reason below code works so I'll go with it. Although I don't really get why the previous one doesn't work.
That not only the user agent (in previous code, this user agent does not help) although a custom user agent (this one or another) is required in this code (without it won't work). That's quite strange considering the extract of the official documentation shared above, but a [spoofed user agent seems required](https://github.com/cku-heise/euvd-api-doc/blob/main/README.md#return-codes) (it can't be `python-requests`)
```python
import requests
from requests.adapters import HTTPAdapter
from urllib3.util import Retry
# Define the retry strategy
retry_strategy = Retry(
total=10, # Maximum number of retries
backoff_factor=4,
status_forcelist=[429, 500, 502, 503, 504], # HTTP status codes to retry on
)
# Create an HTTP adapter with the retry strategy and mount it to session
adapter = HTTPAdapter(max_retries=retry_strategy)
# Create a new session object
session = requests.Session()
session.mount('http://', adapter)
session.mount('https://', adapter)
euvd_url = "https://euvdservices.enisa.europa.eu/api/search"
payload = {
"fromScore": '4',
"toScore": '10',
"page": '0',
"size": '100',
"fromDate": '2025-12-10',
"toDate": '2025-12-23',
"vendor": '',
'product': 'gogs'
}
headers = {
"User-Agent": "curl/7.54.1"
}
# Get page 1
req = session.get(euvd_url, params=payload, headers=headers)
response = req.json()
results = response["items"]
print(results)
```
[19:32:55]
<Yunohost Git/Infra notifications> [landingpage] alexAubin pushed to main: Update fetch_assets: dont fetch ynh_logos, they are already part of the repo and in turns in creates unecessary git cha... ([dfb610ab](https://github.com/YunoHost/landingpage/commit/dfb610ab7c90c9cf14ccf52dc3bf07a94a2751f2))
[19:46:17]
<tituspijean[m]> > <@ericg:matrix.org> `/home/eric` ??
You have ACLs applied on your home directory down to your .ssh folder (marked by the + sign).
What's the output of `getfacl /home/eric` and `getfacl /home/eric/.ssh`
[19:48:03]
<tituspijean[m]> (My server was down for 2 days, I might be missing a few messages)
[20:08:56]
<eric_G> ```
getfacl: Removing leading '/' from absolute path names
# file: home/eric
# owner: eric
# group: eric
user::rwx
group::r-x
group:nextcloud:rwx
group:all_users:---
mask::rwx
other::r-x
default:user::rwx
default:group::r-x
default:group:nextcloud:rwx
default:mask::rwx
default:other::r-x
getfacl: and: No such file or directory
getfacl: getfacl: No such file or directory
# file: home/eric/.ssh
# owner: eric
# group: eric
user::rwx
group::---
group:nextcloud:rwx #effective:---
mask::---
other::---
default:user::rwx
default:group::---
default:group:nextcloud:rwx
default:mask::rwx
default:other::---
```
[20:11:50]
<eric_G> Je m'aperçois que je n'y comprends que pouic aux permissions. 😶🌫️
[20:12:36]
<Aleks (he/him/il/lui)> mouai bah déjà les permissions linux de base c'est à la fois "simple" et "terriblement subtil" mais en plus avec les ACL dans le game, ça encore plus le zbeul
[20:12:49]
<Aleks (he/him/il/lui)> mais là j'ai l'impression que c'est ptete la permission nextcloud qui pourrait poser problème
[22:48:50]
<tituspijean[m]> > <@Alekswag:matrix.org> mais là j'ai l'impression que c'est ptete la permission nextcloud qui pourrait poser problème
`setfacl -Rkb /home/eric/.ssh` should do the trick