The app I created to offer RSS feeds from Hot Network Questions fails since today to fetch its data from the source.
One of its main endpoints is https://stackexchange.com/hot-questions-json
1. It looks like the app now gets blocked by the CloudFlare anti-bot measures.
These are the headers of the error response I've captured:
{
date: 'Fri, 22 Sep 2023 15:48:49 GMT',
'content-type': 'text/html; charset=UTF-8',
'content-length': '6440',
connection: 'close',
'cross-origin-embedder-policy': 'require-corp',
'cross-origin-opener-policy': 'same-origin',
'cross-origin-resource-policy': 'same-origin',
'origin-agent-cluster': '?1',
'permissions-policy': 'accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()',
'referrer-policy': 'same-origin',
'x-frame-options': 'SAMEORIGIN',
'cf-mitigated': 'challenge',
'cache-control': 'private, max-age=0, no-store, no-cache, ' +
'must-revalidate, post-check=0, ' +
'pre-check=0',
expires: 'Thu, 01 Jan 1970 00:00:01 GMT',
'set-cookie': [
'__cf_bm=plX85fIOvG4mmOUx57Q1e0XfZBxw.EXY2uutj8wExP0-1695397729-0-Ae7cVUGXTf7+Y1VxTBV4vFPpB0eFfxvXJJ3fyC8EZkoi2WPMuGCWbZnLXvowMpONw8ed2sVpy2ZyLUo5XkHbhE0=; ' +
'path=/; expires=Fri, 22-Sep-23 16:18:49 GMT; ' +
'domain=.stackexchange.com; HttpOnly; Secure; SameSite=None'
],
'x-dns-prefetch-control': 'off',
server: 'cloudflare',
'cf-ray': '80abb1c15868380c-IAD'
}
And the start of the HTML body:
<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title>
I do note that several chat rooms across the network rely on the app to get informed on a timely basis of new Hot Network Questions. The functionality for RSS feeds on migrated posts is not affected so far as that relies on the Stack Exchange API.
Can this be fixed by SE and/or mitigated by me? In the latter case I'm happy to make changes that works for you.
Just a moment ... (6 to 8 weeks?)
1. The endpoint was part of the mobile infrastructure but it was decided to not decommission that specific endpoint.