Google Returning 403 Forbidden

Asked

Viewed 121 times

3

My webservice makes a request to maps.google.com but returns Exception happens System.Net.Webexception with 403 Forbidden message

But the URL normally runs via browser. What can be?

[WebMethod]
public string teste()
{
    string url = @"http://maps.google.com/maps/api/directions/xml?origin=-28.2773357297022,-52.7852053516473&destination=-19.7779008,-47.9249145&mode=driving&waypoints=-26.8727562,-49.1010188|-25.530283,-49.2949339|-23.4841434977362,-46.7853496799363|&sensor=false&client=gme-meuID&signature=G3GSye-fxYY-GIDq-z2TIO8FI2A=";   
    HttpWebRequest _HttpReq = (HttpWebRequest)WebRequest.Create(url);
    _HttpReq.Method = "GET";
    var response = _HttpReq.GetResponse();
    StreamReader sReader = new StreamReader(response.GetResponseStream());
    return sReader.ReadToEnd();
}
  • 1

    I found this here. Would be the case?

  • It does not fit in any of the cases, because the url has Clientid, it is signed and the signature is correct since it normally opens if I go through the browser.

  • Observe on this page some patterns, such as the domain used, which is the maps.googleapis.com. Another thing is the way you are signing the request, see an example on C# at the end of this page. I recommend you do not display your signature key here as Google’s own security alert.

  • The domain actually redirects to maps.google.com. just displayed the Clientid which is open, the private key really should not be displayed and is well guarded in my application ^_^

1 answer

2

I discovered the problem by checking that Webrequest.Create has 2 versions, one with string and the other with Uri. After this I checked that the actual address that is requested is different from the string passed, since the | character must be converted to an escape character to be a valid Uri.

String: http://maps.google.com/maps/api/directions/xml?origin=-28.2773357297022,-52.78520536473&Destination=-19.7779008,-47.9249145&mode=driving&waypoints=-26.8727562,-49.1010188|-25.530283,-49.2949339|-23.4841434977362,-46.7853496799363|&sensor=false&client=gme-meuID&signature=G3GSye-fxYY-GIDq-z2TIO8FI2A=


_Httpreq.Absoluteuri: http://maps.google.com/maps/api/directions/xml?origin=-28.2773357297022,-52.78520536473&Destination=-19.7779008,-47.9249145&mode=driving&waypoints=-26.8727562,-49.1010188%7C-25.530283,-49.2949339%7C-23.4841434977362,-46.7853496799363%7C&sensor=false&client=gme-meuID&signature=G3GSye-fxYY-GIDq-z2TIO8FI2A=


In the browser this is not necessary, but in the web request yes, so before the url signature should be used the Uri.Escapedatastring on the part of the waypoints.

Signing with the correct Uri: http://maps.google.com/maps/api/directions/xml?origin=-28.2773357297022,-52.7852053516473&Destination=-19.7779008,-47.9249145&mode=driving&waypoints=-26.8727562,-49.1010188%7C-25.530283,-49.2949339%7C-23.4841434977362,-46.7853496799363%7C&sensor=false&client=gme-meID&signature signature=Rq5bftpp55ljjfoibr7kqcwbwn0=

Browser other questions tagged

You are not signed in. Login or sign up in order to post.