we have a python script calling purge_cache periodically as a scheduled task. for months that ran just fine but today i noticed it was erroring out with 403/Forbidden.
i’m guessing this error started in may or june of 2022. took a while to troubleshoot and the result is that Cloudflare API is rejecting the default Python-urllib/3.x user agent.
once i changed the user agent header to some other value like curl/7.47.0, the API call started working fine.
anyone cares to speculate what that’s all about? Cloudflare suddenly decided to bounce Python-urllib user agents for some of its API calls. wtf?
that seems to be an unlikely reason. browser integrity checks are or at least should be for clients’ web sites not for cloudflare API calls.
also API calls are supposed to be from scripts and code libraries, not browsers. it’ll be ridiculous for Cloudflare to enforce browser integrity checks on its own API library.
even so, i actually disabled browser integrity check for the zone just to test this and as expected there was no favorable outcome.
but maybe that’s what they decided to do for their API library to be annoying, even if it’s simple to fool it.