Google Returning 403 Forbidden

Question

Google Returning 403 Forbidden

Asked 9 years, 2 months ago

Viewed 121 times

3

My webservice makes a request to maps.google.com but returns Exception happens System.Net.Webexception with 403 Forbidden message

But the URL normally runs via browser. What can be?

[WebMethod]
public string teste()
{
    string url = @"http://maps.google.com/maps/api/directions/xml?origin=-28.2773357297022,-52.7852053516473&destination=-19.7779008,-47.9249145&mode=driving&waypoints=-26.8727562,-49.1010188|-25.530283,-49.2949339|-23.4841434977362,-46.7853496799363|&sensor=false&client=gme-meuID&signature=G3GSye-fxYY-GIDq-z2TIO8FI2A=";   
    HttpWebRequest _HttpReq = (HttpWebRequest)WebRequest.Create(url);
    _HttpReq.Method = "GET";
    var response = _HttpReq.GetResponse();
    StreamReader sReader = new StreamReader(response.GetResponseStream());
    return sReader.ReadToEnd();
}

1

I found this here. Would be the case?

– Leonel Sanches da Silva

2015/04/13 at 21:05
It does not fit in any of the cases, because the url has Clientid, it is signed and the signature is correct since it normally opens if I go through the browser.

– Jackfowl

2015/04/14 at 11:17
Observe on this page some patterns, such as the domain used, which is the maps.googleapis.com. Another thing is the way you are signing the request, see an example on C# at the end of this page. I recommend you do not display your signature key here as Google’s own security alert.

– Paulo Rodrigues

2015/04/14 at 12:05
The domain actually redirects to maps.google.com. just displayed the Clientid which is open, the private key really should not be displayed and is well guarded in my application ^_^

– Jackfowl

2015/04/14 at 12:52

1 answer

Browser other questions tagged c# google-maps

You are not signed in. Login or sign up in order to post.

by Jackfowl • **133** points · Answer 1 · 2015-04-14T12:49:21+00:00

I discovered the problem by checking that Webrequest.Create has 2 versions, one with string and the other with Uri. After this I checked that the actual address that is requested is different from the string passed, since the | character must be converted to an escape character to be a valid Uri.

String: http://maps.google.com/maps/api/directions/xml?origin=-28.2773357297022,-52.78520536473&Destination=-19.7779008,-47.9249145&mode=driving&waypoints=-26.8727562,-49.1010188|-25.530283,-49.2949339|-23.4841434977362,-46.7853496799363|&sensor=false&client=gme-meuID&signature=G3GSye-fxYY-GIDq-z2TIO8FI2A=

_Httpreq.Absoluteuri: http://maps.google.com/maps/api/directions/xml?origin=-28.2773357297022,-52.78520536473&Destination=-19.7779008,-47.9249145&mode=driving&waypoints=-26.8727562,-49.1010188%7C-25.530283,-49.2949339%7C-23.4841434977362,-46.7853496799363%7C&sensor=false&client=gme-meuID&signature=G3GSye-fxYY-GIDq-z2TIO8FI2A=

In the browser this is not necessary, but in the web request yes, so before the url signature should be used the Uri.Escapedatastring on the part of the waypoints.

Signing with the correct Uri: http://maps.google.com/maps/api/directions/xml?origin=-28.2773357297022,-52.7852053516473&Destination=-19.7779008,-47.9249145&mode=driving&waypoints=-26.8727562,-49.1010188%7C-25.530283,-49.2949339%7C-23.4841434977362,-46.7853496799363%7C&sensor=false&client=gme-meID&signature signature=Rq5bftpp55ljjfoibr7kqcwbwn0=