Error no user agent has been specified in the request.

[roccomuso]

I'm having this error:

✖ Forbidden - no user agent has been specified in the request.

Using pwned version 6.1.2

[wKovacs64]

Hi @roccomuso, thanks for reporting. That's a strange error to receive under normal circumstances. Any chance navigator is defined in your Node environment?

There is a check performed upstream in hibp to determine if we're in a browser (use its own User-Agent) or not (craft our own), but maybe it's too simplistic. There was a bug in hibp before I was performing that check, but it was fixed back in 7.1.2 and pwned@6.1.2 depends on hibp@7.3.0 so that shouldn't be present for you.

🤔

[roccomuso]

I'm using it from CLI with Node 10. So I do not expect navigator to be defined.

[wKovacs64]

Weird, running it in Node 10 works for me. Is it installed globally, project-locally, or on-demand using npx?

[roccomuso]

Globally installed. (Please note that I upgraded from a previously installed version). I'll get rid of it and install again from scratch.

[wKovacs64]

OK, let me know how it goes. I'd definitely like to address this if it's fixable on my end.

[wKovacs64]

Reopened https://github.com/wKovacs64/hibp/issues/38 for further investigation.

[wKovacs64]

@roccomuso This is an upstream issue with the haveibeenpwned.com API itself. I've reached out to Troy and awaiting a response. You can observe by visiting the example/test link provided in the documentation and receiving a forbidden message: https://haveibeenpwned.com/api/v2/breachedaccount/test@example.com

Leaving this issue open for now, but I don't think there's anything we can do but wait.

[roccomuso]

Good to know.

[wKovacs64]

I believe Troy has resolved the issue (at least partially, still discussing). pwned is working again for me in the CLI. Can you try it and confirm?

[roccomuso]

Hm still having the error.

[wKovacs64]

Are you using the ba command and checking a particular account? If so, try the pa or dc commands to see if those are also blocked. Also, if you're using ba with a particular account, try a different account like pwned ba test@example.com to see if that works. I'm still trying to work with Troy to narrow this down. He's been "tightening down firewall rules" to prevent abuse but legitimate requests are being blocked.

[wKovacs64]

Closing in favor of wKovacs64/hibp#60 so we have a central location to discuss further.

[roccomuso]

I'm using pwned ba <email>

[wKovacs64]

You'll have to give Troy the Ray ID from the error you receive and work with him to unblock you. The UA we're sending is not being blocked, so if you're still being blocked, it must be due to something else (IP/network, region, etc.). 🙁