Unhandled rejection CloudflareError: 1020

[MasterProgs]

• What version of Cloudscraper are you using? 4.1.2
  • node -p 'require("cloudscraper/package.json").version'
• What version of Node.js are you using? (Please share the process information)
  • node -p process v10.16.3
• When did the problem start occurring? This night.
• How often does the problem occur? Everytime
• What is the URL? https://haapi.ankama.com/json/Ankama/v2/Api/CreateApiKey
• Are there any similar issues? Yeah but doesn't help me.

Code snippet

    var options = {
        uri: 'https://haapi.ankama.com/json/Ankama/v2/Api/CreateApiKey',
        formData: { login: username, password: password, long_life_token: 'false' }
        };
        
        cloudscraper.post(options, function(error, response, body) {
            if (error) {
                console.log("an error has occured");
            } else {
                console.log(body, response);
            }
        });

Thank's.

[MasterProgs]

I'm not blacklist. I tried from my pc and VPS (same thing), even using proxies.

[MasterProgs]

#264

[ghost]

@MasterProgs that's great. Do you mind helping others out by mentioning what specifically worked for you?

As in, if it was a cipher string, which one and what's the OS/CPU?

The unhandled rejection is referring to promise rejection. Cloudscraper returns a promise by default and it must be caught/handled: cloudscraper.post(uri).catch(console.error). If you prefer the callback style, see the requester /docs/examples in this repo. You would need to pass request as the requester.

[MasterProgs]

I use ':!ECDHE+SHA:!AES128-SHA:!AESCCM:!DHE:!ARIA' on WINDOWS.

My bad I have submit my message but the topic was closed (by me) and my message did not send.

[MasterProgs]

@pro-src By the way, when I use this cyphers :!ECDHE+SHA:!AES128-SHA:!AESCCM:!DHE:!ARIA or ECDHE-RSA-AES128-GCM-SHA256 without proxy options it's works.

But with a proxy configuration (post and get) -> CloudflareError (Error 1020).

Do you know why I can't use my own proxies ? Yesterday I've not had any issues.

[ghost]

Cloudflare's fingerprinting/blacklisting. They use deep learning algorithms to detect bot-like patterns and in some cases will even send your IP to their Bandwidth Alliance Partners to have your bot kicked offline. They've promised to start cracking down on bots and the increase in bug reports is mostly likely related to that ongoing effort. Be sure that Cloudflare can determine whether you're using a VPN, residential, or some other cloud service provider.

Have you tried: cloudscraper.defaultParams.agentOptions.ciphers += ':!SHA'?

[MasterProgs]

Yeah I tried but still not working :/

[ghost]

If you search around in the issues, I've provided more elaborate explanations for what the problem is in the majority of cases. Namely, the TLS signature algorithms. You used to be able to just use TLSv1 which doesn't have that TLS extension (insecure btw) but even that isn't working for some sites now. If you can compile Node.js with BoringSSL, that will solve the TLS problems. Electron does that but it's not any easy task. You could compile libcurl with BoringSSL and create a native extension for Node.js. But there's nothing we can really do for a fool proof fix without compiling something.

Have a look at https://www.google.com/search?q=residential+proxy+service

Also, other languages have this problem as well, such as, Python and Go, no good solution there either.

[MasterProgs]

And with python we've got the same issues ?

Thank you for time, I appreciate.

[ghost]

Yup.

[MasterProgs]

Right,
Maybe doesn't matter to use proxies hope so that they don't take our IP (auth) and only IP (world).

I know someone who build a simple script with puppertee (phantomJs). In back his web nav open a web page to bypass that problem. (Not very perf).

[ghost]

nodejs/node#24818

[ghost]

Actually, we're in luck! This just landed: nodejs/node#29598
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V12.md#2019-09-25-version-12110-current-bridgear

[ghost]

ciphers += ':@SECLEVEL=4:@STRENGTH'
ciphers += ':@SECLEVEL=5:@STRENGTH' <-- best

Signature algorithms will neither be advertised nor used if the security level prohibits them (for example SHA1 if the security level is 4 or more).

The following only works on Node.js v12.11.0 and will be ignored for earlier versions:
cloudscraper({ uri, agentOptions: { sigalgs: 'ECDSA+SHA256' } })

const cloudscraper = require('cloudscraper');
// cloudscraper.defaultParams.agentOptions.ciphers = 'ECDHE-ECDSA-AES128-GCM-SHA256';
cloudscraper.defaultParams.agentOptions.ciphers += ':@SECLEVEL=5:@STRENGTH';
cloudscraper.defaultParams.agentOptions.sigalgs = 'ECDSA+SHA256';

Tests: https://github.com/OYTIS/node/blob/2b976ab59dfc01fe1a77141ae1f69ca10eadd408/test/parallel/test-tls-set-sigalgs.js#L64-L74
Docs: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_client_sigalgs.html

[MasterProgs]

@pro-src Damn it, don't working..

Still with.. Cloudflare #1020

That's the Header reponse :

headers: { Host: Symbol(host), Connection: 'keep-alive', 'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36', 'Upgrade-Insecure-Requests': '1', Accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8', 'Accept-Language': 'en-US,en;q=0.9', 'Accept-Encoding': 'gzip, deflate, br' }, cloudflareMaxTimeout: 30000, followAllRedirects: true, challengesToSolve: 3, decodeEmails: false, gzip: true, agentOptions: { ciphers: 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA:!ECDHE+SHA:!AES128-SHA:@SECLEVEL=5:@STRENGTH', sigalgs: 'ECDSA+SHA256' }, uri: 'https://haapi.ankama.com/json/Ankama/v2/Api/CreateApiKey', proxy: 'http://user:pass@IP:PORT', qs: 'login=x&password=x&long_life_token=false', formData: { login: 'x', password: 'x' }, pool: undefined, method: 'POST', realEncoding: 'utf8', encoding: null, callback: [Function] },

Thank you for ur time dude ;)

Btw : I update Node to 12.11.0

[ghost]

Np :)

If you're getting redirected, add the followOriginalHttpMethod: true option.
Don't forget to cloudscraper.debug = true

Hop on IRC, if you want to chat, I could use another tester. Links to web based IRC client are on my patreon page.