Error 503: Server unavailable

[Gravijas]

Just downloaded the app and I cant login , no matter what I try

here is the debuginfor for ya:

[11-12-2018 11:47] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:47] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>cDisplayClass29_0.b0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:49] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:49] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>cDisplayClass29_0.b0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:51] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:51] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>cDisplayClass29_0.b0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:54] System.ArgumentNullException: Der Wert darf nicht NULL sein. Parametername: source bei System.Linq.Enumerable.Select[TSource,TResult](IEnumerable1 source, Func2 selector) bei Procurement.ViewModel.LoginWindowViewModel.updateCharactersByLeague(List`1 chars) bei Procurement.ViewModel.LoginWindowViewModel.<>cDisplayClass29_0.b0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:54] System.ArgumentNullException: Der Wert darf nicht NULL sein. Parametername: source bei System.Linq.Enumerable.Select[TSource,TResult](IEnumerable1 source, Func2 selector) bei Procurement.ViewModel.LoginWindowViewModel.updateCharactersByLeague(List1 chars) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:54] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:54] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:54] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:54] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. [11-12-2018 11:55] System.Net.WebException: Der Remoteserver hat einen Fehler zurückgegeben: (503) Server nicht verfügbar. bei System.Net.HttpWebRequest.GetResponse() bei POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.PerformHttpRequest(HttpMethod method, String url, Nullable1 allowAutoRedirects, String requestData) bei POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID) bei POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] System.ArgumentNullException: Der Wert darf nicht NULL sein. Parametername: source bei System.Linq.Enumerable.Select[TSource,TResult](IEnumerable1 source, Func2 selector) bei Procurement.ViewModel.LoginWindowViewModel.updateCharactersByLeague(List1 chars) bei Procurement.ViewModel.LoginWindowViewModel.<>cDisplayClass29_0.b0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] System.ArgumentNullException: Der Wert darf nicht NULL sein. Parametername: source bei System.Linq.Enumerable.Select[TSource,TResult](IEnumerable1 source, Func2 selector) bei Procurement.ViewModel.LoginWindowViewModel.updateCharactersByLeague(List`1 chars) bei Procurement.ViewModel.LoginWindowViewModel.<>cDisplayClass29_0.b0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] System.ArgumentNullException: Der Wert darf nicht NULL sein. Parametername: source bei System.Linq.Enumerable.Select[TSource,TResult](IEnumerable1 source, Func2 selector) bei Procurement.ViewModel.LoginWindowViewModel.updateCharactersByLeague(List1 chars) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0() bei System.Threading.Tasks.Task.Execute() [11-12-2018 11:55] System.ArgumentNullException: Der Wert darf nicht NULL sein. Parametername: source bei System.Linq.Enumerable.Select[TSource,TResult](IEnumerable1 source, Func2 selector) bei Procurement.ViewModel.LoginWindowViewModel.updateCharactersByLeague(List1 chars) bei Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.b__0() bei System.Threading.Tasks.Task.Execute()

[aydjay]

Looks like GGG have put the login endpoint behind cloudflare.

[abrezovsky]

Same issue, here is my log if it is useful:

[11-12-2018 17:54] Failed to build HTTP request and get response for: method=GET, url='https://www.pathofexile.com/login', allowAutoRedirects=, requestData='': The remote server returned an error: (503) Server Unavailable.
[11-12-2018 17:54] System.Net.WebException: The remote server returned an error: (503) Server Unavailable.
   at System.Net.HttpWebRequest.GetResponse()
   at POEApi.Transport.HttpTransport.BuildHttpRequestAndGetResponse(HttpMethod method, String url, Nullable`1 allowAutoRedirects, String requestData)
   at POEApi.Transport.HttpTransport.Authenticate(String email, SecureString password, Boolean useSessionID)
   at POEApi.Model.POEModel.Authenticate(String email, SecureString password, Boolean offline, Boolean useSessionID)
   at Procurement.ViewModel.LoginWindowViewModel.<>c__DisplayClass29_0.<Login>b__0()
   at System.Threading.Tasks.Task.Execute()

[qwak-adikt]

Any ETA for a fix on this @Stickymaddness

[EmptieSoul]

Any ETA?

[aydjay]

Cloudflare is a service to mitigate servers from getting taken down from a DDoS. I don't know if this is going to be a permanent move from GGG, if that is the case we will have to put some very significant changes into Procurement.

If, as the league progresses, they move their endpoint from behind cloudflare. Procurement will carry on working. I will do my best to see if there is anything that can be done to restore procurement to a working state in the meantime but I would like to stress that getting around cloudflare will not be easy at all.

[thailyn]

This indeed appears to be problematic.

From what I've been able to figure out so far, the purpose of the Cloudflare DDoS protection splash screen (which you sometimes see when going to a Cloudflare-protected site) is designed so the browser performs some Javascript computation and sends it back to Cloudflare, "proving" it's not a bot or something like that. You can see some more details in this blog post; it looks like the computation that was required in the past was a simple Javascript mathematical expression, but it's since been obfuscated; when I went to pathofexile.com and looked at the source code of the CloudFlare page I got something like:

  (function(){
    var a = function() {try{return !!window.addEventListener} catch(e) {return !1} },
    b = function(b, c) {a() ? document.addEventListener("DOMContentLoaded", b, c) : document.attachEvent("onreadystatechange", b)};
    b(function(){
      var a = document.getElementById('cf-content');a.style.display = 'block';
      setTimeout(function(){
        var s,t,o,p,b,r,e,a,k,i,n,g,f, UtFxZSV={"Q":+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]))};
        t = document.createElement('div');
        t.innerHTML="<a href='/'>x</a>";
        t = t.firstChild.href;r = t.match(/https?:\/\//)[0];
        t = t.substr(r.length); t = t.substr(0,t.length-1);
        a = document.getElementById('jschl-answer');
        f = document.getElementById('challenge-form');
        ;UtFxZSV.Q-=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]));a.value = +UtFxZSV.Q.toFixed(10) + t.length; '; 121'
        f.action += location.hash;
        f.submit();
      }, 4000);
    }, false);
  })();

We'll need to tackle this in different ways for each of the login methods we provide.

Password Authentication

Right now, when Procurement makes a web request, such as to https://www.pathofexile.com/login to log in, it does not execute any Javascript, as that is complicated and unnecessary for our needs thus far. It's plausible we can use something like this CloudFlareUtilities library (available as a NuGet package), which uses pure C# to perform the necessary computations for CloudFlare, and manage any CloudFlare cookies. However, there are some complications.

• This library works with HttpClient, which we do not use, so it is not a drop-in replacement or trivial addition to our code. In theory, however, the infrastructure we use is deprecated and, according to the .NET documentation, we should use HttpClient instead anyway.
• This library requires .NET Standard 1.1 (possibly actually 1.6). Right now Procurement targets the .NET Framework 4 [Client Profile], and we would need to upgrade to .NET Framework 4.5 or 4.6.1 to support those version of the .NET Standard, respectively. Upgrading the targeted framework version could lead to unintentional bugs, and it's risky to do this in the middle of a critical issue like this that is preventing us from fully using and testing Procurement.

Session ID

The CloudFlare DDoS protection works, in part, by keeping track of a client's user-agent and several cookies. Right now when the Procurement user logs in via Session ID we require the him to first log in to pathofexile.com and dig around in the cookies for the POESESSID. Beyond requiring this, we would also need the user to supply:

• The user-agent his browser used (so Procurement uses a matching one).
• The additional CloudFlare cookies, whose exact names might not be known a priori.

There is a description of this process here, with screenshots.

As that link reveals, there have been other Path of Exile apps which have faced similar issues. The situation in that link was when poe.trade started using CloudFlare. We might be able to learn some techniques from what they or others have done, but I really hope will be able to delegate handling the CloudFlare DDoS page to an external dependency, so we aren't required to keep updating it whenever CloudFlare changes their algorithm.

Of course, the best solution is for GGG to provide an actual login endpoint for their API so we don't need to rely on screen-scraping the login response, but it's not like it's Christmas or anything. Or maybe they could use OAuth or something like what EVE Online has/had.

[qwak-adikt]

@thailyn seems like Acquisition was able to get this resolved, perhaps they can explore the same fix here

[thailyn]

@qwak-adikt, I'm curious who you're referring to by "they". 👼

I created a pull request that is a quick-and-dirty way of logging in using Session ID. As mentioned in my earlier comment, it requires the user to provide three additional pieces of information when logging in, and I'm afraid one of the CloudFlare cookies could invalidate automatically after an hour or so, forcing the user to get a new one in his browser and logging back in to Procurement for it to be able to fetch data again.

[thailyn]

Actually if only the login endpoint is behind CloudFlare, then it might not matter while Procurement is running if that cookie expires, since we don't use the login endpoint except when logging in.

[aydjay]

have you guys also checked this? https://github.com/elcattivo/CloudFlareUtilities perhaps will eliminate the needing for cookies from the browser (I did a few tests yesterday locally and I could authenticate with it, didn't had much time though to test further)

Yes - I was looking at using this myself yesterday, I have mentioned it to @thailyn in his pr #902

Just letting people know I have tested #902 myself locally and it will close #901

Round of applause for @thailyn

👏

[EmptieSoul]

Hi Charles, I am not into technical side of things so im trying my best to understand what is going on. bUt i really appreciate your work and efforts being done. Keep up the good work.

Cheers

Tayyab Farooq
------ A Humble Servant of Allah

On Fri, Dec 14, 2018 at 8:44 AM Charles Macanka <notifications@github.com>
wrote:

> @qwak-adikt <https://github.com/qwak-adikt>, I'm curious who you're
> referring to by "they". 👼
>
> I created a pull request that is a quick-and-dirty way of logging in using
> Session ID. As mentioned in my earlier comment, it requires the user to
> provide three additional pieces of information when logging in, and I'm
> afraid one of the CloudFlare cookies could invalidate automatically after
> an hour or so, forcing the user to get a new one in his browser and logging
> back in to Procurement for it to be able to fetch data again.
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <https://github.com/Stickymaddness/Procurement/issues/901#issuecomment-447211631>,
> or mute the thread
> <https://github.com/notifications/unsubscribe-auth/ArpRYzUaUZWN85vvziAuV1P1iN2BZQbEks5u4yymgaJpZM4ZNKd6>
> .
>

[Stickymaddness]

Procurement 1.24.1 has been released, which fixes this issue when using SessionID

All credit to @aydjay and @thailyn for their work on getting this solved quickly.