error: unable to find matching request for baseUrl about sameorigin HOT 5 CLOSED

executed code

const main = async () => {
  const [axios, { close }] = await sameorigin({
    squatURL: "https://blur.io",
  })
  const { data } = await axios({
    // Important! You must declare the baseURL of the API you intend
    // to target. This is because it is used to isolate requests you
    // intend to hijack for your own purposes.
    baseURL: "https://core-api.prod.blur.io/v1",

    // GET https://core-api.prod.blur.io/v1/prices
    url: "/prices",
    method: "get",
  })
  await close()
  console.log(data)
}

main()

from sameorigin.

Hey @aster2709! Looking through the Network tab on my browser, it looks like this API request is no longer executed on the Blur homepage. If sameorigin cannot find the request to hijack, it won't be able to piggyback future requests on top.

I looked around a little bit and I can see that the API call has been moved to https://blur.io/airdrop. If you change your squatURL to this, the request should be detected successfully.

const main = async () => {
  const [axios, { close }] = await sameorigin({
    squatURL: "https://blur.io/airdrop",
  })
  const { data } = await axios({
    // Important! You must declare the baseURL of the API you intend
    // to target. This is because it is used to isolate requests you
    // intend to hijack for your own purposes.
    baseURL: "https://core-api.prod.blur.io/v1",

    // GET https://core-api.prod.blur.io/v1/prices
    url: "/prices",
    method: "get",
  })
  await close()
  console.log(data)
}

main()

from sameorigin.

hey the /prices did indeed work ✅

for the rather important routes, I'm not able to make it work
https://core-api.prod.blur.io/v1/collections/azuki
have tried various squatUrls for eg. https://blur.io/collection it sometimes works out of the blue like (1 / 10 times prolly)

im guessing these are protected routes. appreciate any info on this ✌️

from sameorigin.

@aster2709

I agree with your interpretation.

As far as I have experimented, you need to be signed in to query the API on other routes.

It should be possible to programmatically login to Blur using the same API functions (since, similar to /prices, it cannot be protected like the other routes because it must serve unauthenticated users). Very odd to hear that it sometimes randomly works, though.

I recommend manually signing into Blur and watching which API calls which get made in the Network tab; you'll need to replicate these programmatically from your script using sameorigin in order to access permissioned content on the Blur API.

from sameorigin.

Hey, did you ever manage to get this to work with the protected routes?

from sameorigin.