0

I'm testing a page request in postman(desktop app), but it redirect all requests to captcha page; While i replay in browser, it works fine even i clean all cookies && local storage, there's no redirections, simply response with 200 code status;

Then I copy all browser's header or cookie(another try), nothing worked!

I have search some Q&A, including ssl verify close in postman, or login in user cache ,not my case at all.

This is a link of my case

Is there anything i omitted? Please help me to know

I can just put a postman request export as bash curl,sorry:

curl --location --request GET 'https://www.fwrd.com/product-burberry-lola-backpack/BURF-WY121/?d=Womens&itrownum=16&itcurrpage=2&itview=05' \
--header 'authority: www.fwrd.com' \
--header 'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
--header 'accept-language: zh-CN,zh;q=0.9' \
--header 'cache-control: max-age=0' \
--header 'cookie: viewNumR1=100; isPopupEnabledR1=true; pocketViewR1=front; currency=USD; currencyOverride=USD; _fbp=fb.1.1658202232315.1459169565; countryCodePref=US; userLanguagePref=en; _gid=GA1.2.1936343211.1658202234; _pxvid=0273b224-0715-11ed-9b1c-4d6e63515557; __rtbh.lid=%7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22Bpefyig8l0wxukHxQ1QF%22%7D; requestBrowserIdMapping=1; _px_f394gi7Fvmc43dfg_user_id=MDM3YzUxNjEtMDcxNS0xMWVkLWFjNTItMWRiODkxNDdiYmRi; _scid=88365d6e-855a-4b9b-b456-ed90a888f464; rskxRunCookie=0; rCookie=82jkrqh5x5p7yx1jm7r0lyl5rmsq6u; _sctr=1|1658160000000; visitor-cookie30=true; visitor-cookie1=true; _gcl_au=1.1.467830307.1658204129; _pin_unauth=dWlkPU1qbGhNR1pqWXpFdFkyUTNOUzAwWkdJd0xUaGxNMlV0WmpKaE5UQTFZekkwTkdGaw; recentlyViewedItems=0; sortByR2=featuredF; altexp=%7B%22896%22%3A0%2C%221409%22%3A1%2C%221412%22%3A0%2C%221157%22%3A0%2C%221031%22%3A1%2C%221292%22%3A1%2C%221421%22%3A0%2C%221295%22%3A1%2C%221424%22%3A1%2C%221298%22%3A0%2C%221301%22%3A0%2C%221430%22%3A1%2C%221304%22%3A0%2C%221433%22%3A0%2C%221179%22%3A0%2C%221436%22%3A0%2C%22926%22%3A0%2C%221439%22%3A1%2C%221442%22%3A1%2C%221188%22%3A0%2C%22677%22%3A0%2C%221445%22%3A1%2C%22936%22%3A0%2C%221448%22%3A0%2C%221194%22%3A1%2C%221322%22%3A0%2C%221197%22%3A1%2C%221457%22%3A0%2C%22946%22%3A0%2C%221334%22%3A0%2C%22951%22%3A1%2C%221081%22%3A0%2C%221210%22%3A0%2C%221466%22%3A1%2C%221340%22%3A0%2C%221469%22%3A1%2C%221086%22%3A1%2C%221472%22%3A1%2C%221346%22%3A1%2C%221475%22%3A1%2C%22836%22%3A1%2C%221349%22%3A0%2C%221478%22%3A1%2C%221481%22%3A1%2C%221226%22%3A0%2C%221355%22%3A0%2C%221484%22%3A0%2C%221358%22%3A1%2C%221487%22%3A0%2C%221232%22%3A0%2C%221490%22%3A1%2C%221235%22%3A1%2C%221493%22%3A1%2C%221496%22%3A1%2C%221370%22%3A0%2C%221499%22%3A1%2C%221502%22%3A0%2C%221247%22%3A1%2C%221382%22%3A0%2C%221514%22%3A1%2C%22876%22%3A0%2C%221388%22%3A1%2C%221517%22%3A0%2C%221391%22%3A1%2C%221520%22%3A0%2C%221011%22%3A0%2C%221139%22%3A1%2C%221268%22%3A1%2C%221016%22%3A0%2C%221403%22%3A0%2C%221406%22%3A0%7D; pxcts=a80a374b-07d9-11ed-96b1-636858726351; userSeenFwrdNtfDialogDate=2022-07-19; JSESSIONID=BD3FB79F2CE2EEBB32A4565060EBED39.tc-nova_tomcat4; _ga_MRQYJ2518M=GS1.1.1658293460.7.0.1658293460.60; requestSessionID=4254930521; __cf_bm=O0MTs.5O4z3O.Lz7tV4epamTsK4T1BHxmhi10rmax0Y-1658293459-0-AZMBFcXc0ZL7DtIgX2gvkyH7rG54t0KaUItmqPesO/BchuY7GsvNY/f44PNnN+sHQmfUgQma+uQBOFDsidSC6i8=; _ga=GA1.2.1509327558.1658202234; _gat=1; browserID=QhdWmBQ7WgUehyiYRX1EygeH7OOqck; bb_PageURL=%2Ffw%2Fcontent%2Fproduct%2FstyledWithMarkup%3Fcode%3DBURF-WY121%26d%3DF; _uetsid=038da160071511ed89ea4336c7c04aeb; _uetvid=038dbb20071511eda26e25fc715b0a9c; cto_bundle=eFjkml9qcFJnY3E0WlZVVTFzTWNMRXVWOE9nalBTZnNlM0JjbWR3V0xIQXVSc3hOR0FKVUx1UFZ6dFJ1Y0JiRjQxJTJCeVZuUiUyRk4xdUwlMkJrWjBLeklmTzRZN2FodjJFNDZHdXgybVA5UEhJQmJ5RXk4cTRqNVFJc3BVaGlENFRtVEw3U1YlMkJDR1V2WFc4ZDVmc2NGOFhYMmFrUTFoUSUzRCUzRA; lastRskxRun=1658293471138; _px2=eyJ1IjoiNmM0M2EzZTAtMDdlOS0xMWVkLTgzMTctNWZjNjg1MDMxYzMyIiwidiI6IjAyNzNiMjI0LTA3MTUtMTFlZC05YjFjLTRkNmU2MzUxNTU1NyIsInQiOjE2NTgyOTM3ODM4MjcsImgiOiJkODA4NjI1OGRmYWE1ZTE1OTFmYjdlZTIyYWNiYmI4MDg5OGI4NjkwZWNjMzIxZDYxMTI0ZTNiYzFhNWU2MDAwIn0=; __cf_bm=xGlLbY0GGGMACBg4Z8TtXSuxuW4yk9hjpz8e41d2inQ-1658293709-0-AT1Kf+tBGczWEcAu+1rDk5hhnDdbHleJS/slXdDvGm6E4BrVrSFy2/Ezkiw7aSPjpYyLkLzMpUH2YtPpwXPV6Tw=' \
--header 'sec-ch-ua: ".Not/A)Brand";v="99", "Google Chrome";v="103", "Chromium";v="103"' \
--header 'sec-ch-ua-mobile: ?0' \
--header 'sec-ch-ua-platform: "Windows"' \
--header 'sec-fetch-dest: document' \
--header 'sec-fetch-mode: navigate' \
--header 'sec-fetch-site: none' \
--header 'sec-fetch-user: ?1' \
--header 'upgrade-insecure-requests: 1' \
--header 'user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36'
yunchi
  • 1
  • 1
  • can you share a collection with your sample request, so folks can test it better? https://learning.postman.com/docs/collaborating-in-postman/sharing/ – bitoiu Jul 19 '22 at 14:22
  • or just export the request: https://stackoverflow.com/questions/28965847/how-to-export-specific-request-to-file-using-postman – bitoiu Jul 19 '22 at 14:29
  • @bitoiu I copy the postman exported curl line, hope that will help – yunchi Jul 20 '22 at 05:22
  • Ok, so I tried to use Postman Interceptor to get the exact same request: https://learning.postman.com/docs/sending-requests/capturing-request-data/interceptor. Recommend you read this, quite interesting. However, I was still getting stopped by Cloudfare. You can try using interceptor yourself to see if there's any header that would trigger CF/Captcha, sorry I couldn't help. – bitoiu Jul 20 '22 at 08:01
  • 1
    How about exporting/ copying the request in question from your browser as cURL, then import that to Postman? – Christian Baumann Jul 20 '22 at 09:00
  • @ChristianBaumann yes, i just did it above as you say, all headers and cookies are same, but 200 in browser , 302 in postman – yunchi Jul 22 '22 at 04:59

0 Answers0