Fix DAC (Dacorum) scraper#362
Open
symroe wants to merge 1 commit into
Open
Conversation
Dacorum's democracy server returns valid data for standard HTTP clients (curl 200 OK) but wreq's Firefox TLS fingerprint times out from Lambda, suggesting the server's WAF blocks that specific TLS client hello. Playwright (Chromium) uses a standard Chrome fingerprint that passes through the WAF. The previous verify_requests = False fix was not sufficient because the timeout happens at the TCP/TLS layer before cert validation, so removing the cert-related flag changes nothing. Switching to playwright sidesteps the wreq fingerprint block entirely.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What broke
Dacorum's ModernGov endpoint (
democracy.dacorum.gov.uk) returns valid XML from standard HTTP clients (curl, system SSL) but wreq's Firefox133 TLS fingerprint times out from Lambda — the server's WAF drops the connection during the TLS handshake before a response is sent. The previousverify_requests = Falsefix (PR #346) bypassed cert validation but did not address the WAF block on wreq's specific TLS client hello.What was fixed
verify_requests = Falsewithhttp_lib = "playwright"— Playwright uses Chromium's standard Chrome TLS fingerprint, which passes the WAF. The cert itself is valid (not a cert issue), soverify_requestsis not needed alongside playwright.Scrape results
Cannot run locally (TLS inspection proxy in the build environment interferes with wreq and Playwright). The endpoint returns HTTP 200 with valid ModGov XML from a clean IP, confirming data is available once the WAF block is bypassed.
Generated by Claude Code