Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> you can use a browser with JS to grab the cookie, then feed it to httrack headers

They also check your user agent, IP and JA3 fingerprint (and ensures it matches with the one that got the cookie) so it's not as simple as copying some cookies. This might just be for paying customers though since it doesn't do such heavy checks for some sites



Dude. Cookie is a header, user agent is a header, ja3 is a header. It's the same stuff.

These protections are against ddos attacks, botnets, large crawling infrastructures that can lose by having to sync header info.

If you're just a single tired dev saving a website because you care about some content, none of this is a significant barrier.


Dude. JA3 is a your TLS fingerprint. Most libraries don't let you spoof it. The annoying thing is that with new versions of Chrome and Firefox, JA3 is randomized per session so it changes every time. You need to intercept the request in Wireshark to get it.


Seconded. It seems to depend on the sites settings, and those in turn are regulated heavily by subscription plan the site is on.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: