norkator / paketin-seuranta

Privacy-preserving parcel tracking application for Android supporting multiple parcel courier companies. The app is targeted at the Finnish market. Standalone app, no private backends, tracking or overkill infrastructure. No ads or paid content.
https://play.google.com/store/apps/details?id=com.nitramite.paketinseuranta
MIT License

DHL Express tracking fails #207

Closed ristomatti closed 2 years ago

ristomatti commented 2 years ago

I've got an Express package on the way which should have tracking info. I've sent you the code via the usual channel. 🙂

Aside: I've been on a bit of a shopping spree for the summer. Based on that I can confirm UPS, Posti, Matkahuolto and Cainiao tracking still work. 😁

I also made a curious observation: I received this tracking code from the sender of the DHL package 00340434287098544863. It turned out to be some other somehow related code, but before I realized this, I ran the find courier search using it. Cainiao tracking gives a match but the tracking status is [CN]STOPCRAWLER. 😄

norkator commented 2 years ago

DHL has integrated a different tracking system, and getting a cookie session token seems to be the case here. I tried, and having only the cookie part called bm_sz=<value> is enough for it to work, together with other headers.

norkator commented 2 years ago

It does something else to that bm_sz cookie token before it can really be used. Authorizes it or something.

norkator commented 2 years ago

Okay, there's one more step: doing some verify call with bm_sz and, more importantly, sec_cpt to clearly authorize the bm_sz token. Need to figure this out.

ristomatti commented 2 years ago

Is a purely scraper based technique out of the question in this case? With something like https://github.com/skrapeit/skrape.it?

norkator commented 2 years ago

Feels too overkill for this.

ristomatti commented 2 years ago

Yep, surely, if it can be worked around with a reasonable effort. A lib like that would likely bloat the app size quite a lot, but then again could save a ton of development time. But I guess you like puzzles like this. 😎

norkator commented 2 years ago

Well, it just got so much harder that the only option is pretty much what you said. This before validation tokens even includes some "sensor data", which is pretty much sending my browser/OS details there, and it's mandatory. Most of the logic that is being done with these tokens is in a minified JavaScript mess which is run three times before I get the sec_cpt token.

ristomatti commented 2 years ago

It's a bit peculiar to what lengths these businesses go to stop people from tracking packages sent by themselves.

ristomatti commented 2 years ago

Have you considered if it could be done via some other tracking service 😬?

norkator commented 2 years ago

> some other tracking service

Then tracking details would go through someone else again. I would like to see this using direct courier services in the future, just like now.

ristomatti commented 2 years ago

Good point and a worthy goal.

norkator commented 2 years ago

I decided to create an account and get an API key. It has a 250 daily call limit, but a higher one can be requested. If it has a price tag, then "deal with it".

norkator commented 2 years ago

[Image: Screenshot 2022-06-19 at 19 38 17]

Here's the form to request a higher call limit.