TradingView WebHook API doesn't work, what could be blocking the POST requests?

Question

Ever since TradingView opened up their webhook support, I've been pulling out my hair trying to figure out why no signals are being received by my server. I've done the following so far:

Made sure ports were open, made sure TradingView was actually sending the POST requests
Tried POSTing on a barebones nodejs server, flask server, and finally a nginx reverse proxy to the flask server.
Cross-referenced the incoming POST headers and body on webhook.site, replicated it on Postman as well as other tools and my server received them fine

You can see the signals coming in live here: http://webhook.site/#!/48e29a5b-d266-4021-8b96-0039371b3643/2005d010-e3ae-4077-8808-af34491f5a4d/

But somewhere along the delivery something is obviously going wrong because there is not even a trace of any requests in the nginx logs and the unix logs. It's definitely not a firewall or CORS issue, or I would have the same problem when replicating with tools, right? Can anyone out there help me crack this case?

Here's my nginx config:

    server {
    listen 80;
    server_name lunarlabs.org;

    location / {
      add_header 'Access-Control-Allow-Origin' '*';
      add_header 'Access-Control-Allow-Credentials' 'true';
      add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
      add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
      return 301 https://$host$request_uri;
    }

}

server {
      listen 443 ssl;
      server_name lunarlabs.org;
      ssl_certificate /etc/letsencrypt/live/***.org/cert.pem;
      ssl_certificate_key /etc/letsencrypt/live/***.org/privkey.pem;
      # ...
      access_log  /var/log/nginx.log;
      error_log /var/log/nginxerror.log;

      root /var/www/html/public;
      index index.php;

    location / {
      add_header 'Access-Control-Allow-Origin' '*';
      add_header 'Access-Control-Allow-Credentials' 'true';
      add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
      add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,X-Forwarded-For,content-length';
      include proxy_params;
      proxy_pass http://unix:/home/tvhook/***;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection 'upgrade';
      proxy_set_header Host $host;
      proxy_cache_bypass $http_upgrade;
    }
}

The demo webhook server I have set up can be reached at https://lunarlabs.org/webhook -- any JSON formatted POST data should return a 200. But TradingView's signals, it appears, really doesn't like my server or my server really doesn't like their request.

score 1 · Answer 1 · answered Aug 29 '19 at 12:44

I've had the same issue.

Tradingview support reported error on their side: 'x509: certificate signed by unknown authority'. However curl request worked fine for me.

I'm using Comodo SSL cert and it turned out I didn't setup 'chain certificate' on my side in nginx. Setting it up and restating nginx helped. Webhooks form TV are working fine now.

score 0 · Answer 2 · answered Aug 26 '19 at 08:02

Post https://lunarlabs.org/webhook: x509: certificate signed by unknown authority

curl --data 'ds' 'https://lunarlabs.org/webhook' curl: (60) Peer certificate cannot be authenticated with known CA certificates More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

score 0 · Answer 3 · answered Aug 26 '19 at 09:51

0

I ran into the same issue, my setup might be a bit different though.

Apache + Flask

tradingview_alert = request.get_json(force=True)

Get the data received in a Flask request

answered Aug 26 '19 at 09:51

Coinpocalypse

1
2

Is this an answer or differences between your and OP's config? – barbsan Aug 26 '19 at 10:00
It's an answer to the disappearance of the alert description tradingview passes on in the POST request and my way of solving it. Mostl likely has to do with tradingview sending a JSON, but not setting a header to that effect – Coinpocalypse Aug 26 '19 at 19:56

T.Todua · Answer 4 · 2019-09-17T09:27:32.327

I've tried both Windows and Linux(ubuntu) servers (with Apache) and both seemed that they received ping, but empty data of message. I couldn't find out the problem till date (I doubt TV can't succeed with curl).

So, I've two choices:

1) move to "Mail-to-SMS" hook, and used simple https://cloudmailin.com service

or

2) Use the direct links for Webhook, like:

alert1 : example.com/?action=BUY
alert2 : example.com/?action=SELL

so, then you wouldn't care of empty message, instead, extract the $_GET query variables.

TradingView WebHook API doesn't work, what could be blocking the POST requests?

4 Answers4