Fix LAC (Lancaster) scraper#420
Open
symroe wants to merge 2 commits into
Open
Conversation
…print block committeeadmin.lancaster.gov.uk times out when accessed with wreq's Firefox133 TLS fingerprint from Lambda. The previous verify_requests=False only addressed cert trust, not the WAF's TLS fingerprint filter. Playwright uses Chromium's standard Chrome TLS fingerprint, which passes the WAF. The endpoint is live and returning valid ModGov XML from non-Lambda IPs.
committeeadmin.lancaster.gov.uk times out from Lambda with wreq's Firefox133 TLS fingerprint — the server's WAF drops the connection during the TLS handshake. The existing verify_requests = False addresses the cert issue on this host but does not bypass the WAF fingerprint check. Adding http_lib = "playwright" switches to headless Chromium whose Chrome TLS fingerprint passes the WAF. verify_requests = False is retained as the certificate issue is independent. Same pattern as DAC (PR #416) and HNS (PR #405). The scraper has been failing for 10 consecutive days (2026-06-23 through 2026-07-02). Previous fix attempt PR #381 was closed without merging; this corrects the approach by keeping verify_requests.
Member
Author
Re-scrape after 49531b6Added A local scrape cannot be confirmed from this environment — the server rejects all non-Chrome TLS fingerprints. Counts will be populated on the next scheduled Lambda run.
Generated by Claude Code |
symroe
added a commit
that referenced
this pull request
Jul 7, 2026
…gerprint block\n\nThe ModGov endpoint at cyfarfodyddpwyllgor.siryfflint.gov.uk returns 503 or\ntimes out when accessed from Lambda using wreq's Firefox TLS fingerprint. The\nendpoint serves valid XML (62 councillors, 61 with photos) to non-Lambda clients,\nconfirming this is a WAF fingerprint block rather than a server outage.\n\nAdding http_lib = \"playwright\" switches to headless Chromium's Chrome TLS\nfingerprint, which the WAF allows through. The existing verify_requests = False\nis retained as the certificate issue on this host is independent of the WAF block.\nSame pattern as DAC (#416), LAC (#420), HNS (#405), and others."
This was referenced Jul 7, 2026
symroe
pushed a commit
that referenced
this pull request
Jul 10, 2026
democracy.medway.gov.uk times out from Lambda with wreq's Firefox133 TLS fingerprint. The existing verify_requests=False addresses a certificate issue but does not bypass the WAF's TLS fingerprint check, which drops the connection before any HTTP response is returned. Adding http_lib="playwright" switches to headless Chromium's Chrome TLS fingerprint, which passes the WAF and allows the ModGov XML endpoint to be reached. Same fix pattern as HNS (#405), LAC (#420), DAC (#416), and other recently fixed ModGov instances.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What broke
committeeadmin.lancaster.gov.uktimes out from Lambda with wreq's Firefox133 TLS fingerprint. The existingverify_requests = Falseaddresses the certificate trust issue on this host but does not bypass the WAF fingerprint check: the WAF drops the TLS handshake when it sees wreq's Firefox client-hello, hanging the connection until timeout. The scraper has been failing for 10 consecutive days (2026-06-23 through 2026-07-02).A previous fix attempt (PR #381) replaced
verify_requests = Falsewithhttp_lib = "playwright"but was closed without merging. This PR takes the correct approach by keeping both settings — the cert issue and the WAF fingerprint block are independent problems. Same pattern as DAC (PR #416) and HNS (PR #405).What was fixed
http_lib = "playwright"to the Scraper class — headless Chromium's Chrome TLS fingerprint passes the WAF, allowing the ModGov XML endpoint to be reached.verify_requests = False— the certificate trust issue on this host is independent of the WAF block.Scrape results
The endpoint is confirmed live from non-Lambda IPs. Counts will be confirmed after the next Lambda run.
Generated by Claude Code