darkGrimoire / hoyolab-daily-bot

Genshin Impact's Hoyolab Daily Check-in Bot
MIT License
115 stars 44 forks source link

whitespace inside url #9

Closed undeaDD closed 1 year ago

undeaDD commented 3 years ago

hey im currently rewriting your script in nodejs (for private usage only) ... is the whitespace inside the url below intentional?

https://github.com/darkGrimoire/hoyolab-daily-bot/blob/a41c0319d26624a842d1f9ce4f65bd206d3ed758/main_windows.py#L160

thanks for the help undeaD_D

ps: keep up the good work

undeaDD commented 3 years ago

unrelated question / feature request:

are your user-agent headers missing? maybe you should fake them? at least for the mihoyo api calls

darkGrimoire commented 3 years ago

Actually, it's a copy paste of what I found when manually submitting the request from the web interface. I remove most of the headers and only includes the most important one (one that if not exist then the request will not work). If you want, you can try checking the original request headers by manually submitting yourself and checking inside the network tab.

darkGrimoire commented 3 years ago

unrelated question / feature request:

are your user-agent headers missing? maybe you should fake them? at least for the mihoyo api calls

May I ask what is your concern to include or fake the user-agent headers? I may consider it if it is needed

undeaDD commented 3 years ago

hey im currently rewriting your script in nodejs (for private usage only) ... is the whitespace inside the url below intentional?

the whitespace can be removed ... it works perfectly fine without it ^^


May I ask what is your concern to include or fake the user-agent headers? I may consider it if it is needed

its not 100% needed ^^ its just a common thing one should do when scraping / botting api's

https://www.zenrows.com/blog/stealth-web-scraping-in-python-avoid-blocking-like-a-ninja#user-agent-header

if you inspect the request from your browser (when claiming the rewards normally ) the user agent should be present. mihoyo could easily detect requests ( even if they have a random timing ) without that useragent header and flag those accounts for botting.

im not saying they care :D but they definetly could ^^

ps: my altered script even goes as far and randomly switches between mobile and desktop user agents ( pc / phone ) to avoid suspicion

darkGrimoire commented 2 years ago

ah alright, thank you for your suggestion! I'll be sure to include it in the next release.

Thank you!