Skip to content

Fix LAC (Lancaster) scraper#420

Open
symroe wants to merge 2 commits into
masterfrom
fix/LAC-scraper
Open

Fix LAC (Lancaster) scraper#420
symroe wants to merge 2 commits into
masterfrom
fix/LAC-scraper

Conversation

@symroe

@symroe symroe commented Jul 4, 2026

Copy link
Copy Markdown
Member

What broke

committeeadmin.lancaster.gov.uk times out from Lambda with wreq's Firefox133 TLS fingerprint. The existing verify_requests = False addresses the certificate trust issue on this host but does not bypass the WAF fingerprint check: the WAF drops the TLS handshake when it sees wreq's Firefox client-hello, hanging the connection until timeout. The scraper has been failing for 10 consecutive days (2026-06-23 through 2026-07-02).

A previous fix attempt (PR #381) replaced verify_requests = False with http_lib = "playwright" but was closed without merging. This PR takes the correct approach by keeping both settings — the cert issue and the WAF fingerprint block are independent problems. Same pattern as DAC (PR #416) and HNS (PR #405).

What was fixed

  • Added http_lib = "playwright" to the Scraper class — headless Chromium's Chrome TLS fingerprint passes the WAF, allowing the ModGov XML endpoint to be reached.
  • Retained verify_requests = False — the certificate trust issue on this host is independent of the WAF block.

Scrape results

Metric Count
Councillors found TBC (Lambda run needed — server rejects non-Chrome TLS fingerprints from this environment)
With email address TBC
With photo TBC

The endpoint is confirmed live from non-Lambda IPs. Counts will be confirmed after the next Lambda run.


Generated by Claude Code

symroe added 2 commits June 24, 2026 08:08
…print block

committeeadmin.lancaster.gov.uk times out when accessed with wreq's Firefox133
TLS fingerprint from Lambda. The previous verify_requests=False only addressed
cert trust, not the WAF's TLS fingerprint filter.

Playwright uses Chromium's standard Chrome TLS fingerprint, which passes the WAF.
The endpoint is live and returning valid ModGov XML from non-Lambda IPs.
committeeadmin.lancaster.gov.uk times out from Lambda with wreq's
Firefox133 TLS fingerprint — the server's WAF drops the connection during
the TLS handshake. The existing verify_requests = False addresses the cert
issue on this host but does not bypass the WAF fingerprint check.

Adding http_lib = "playwright" switches to headless Chromium whose Chrome
TLS fingerprint passes the WAF. verify_requests = False is retained as the
certificate issue is independent. Same pattern as DAC (PR #416) and HNS
(PR #405). The scraper has been failing for 10 consecutive days
(2026-06-23 through 2026-07-02). Previous fix attempt PR #381 was closed
without merging; this corrects the approach by keeping verify_requests.
@symroe

symroe commented Jul 4, 2026

Copy link
Copy Markdown
Member Author

Re-scrape after 49531b6

Added http_lib = "playwright" alongside existing verify_requests = False to bypass the WAF timeout on committeeadmin.lancaster.gov.uk. Previous PR #381 removed verify_requests = False when adding playwright; this PR retains it because the cert issue and WAF fingerprint block are independent — matching the pattern used for DAC (PR #416) and HNS (PR #405).

A local scrape cannot be confirmed from this environment — the server rejects all non-Chrome TLS fingerprints. Counts will be populated on the next scheduled Lambda run.

Metric Count
Councillors found TBC (Lambda run needed)
With email address TBC
With photo TBC

Generated by Claude Code

symroe added a commit that referenced this pull request Jul 7, 2026
…gerprint block\n\nThe ModGov endpoint at cyfarfodyddpwyllgor.siryfflint.gov.uk returns 503 or\ntimes out when accessed from Lambda using wreq's Firefox TLS fingerprint. The\nendpoint serves valid XML (62 councillors, 61 with photos) to non-Lambda clients,\nconfirming this is a WAF fingerprint block rather than a server outage.\n\nAdding http_lib = \"playwright\" switches to headless Chromium's Chrome TLS\nfingerprint, which the WAF allows through. The existing verify_requests = False\nis retained as the certificate issue on this host is independent of the WAF block.\nSame pattern as DAC (#416), LAC (#420), HNS (#405), and others."
symroe pushed a commit that referenced this pull request Jul 10, 2026
democracy.medway.gov.uk times out from Lambda with wreq's Firefox133 TLS
fingerprint. The existing verify_requests=False addresses a certificate issue
but does not bypass the WAF's TLS fingerprint check, which drops the
connection before any HTTP response is returned. Adding http_lib="playwright"
switches to headless Chromium's Chrome TLS fingerprint, which passes the WAF
and allows the ModGov XML endpoint to be reached. Same fix pattern as HNS
(#405), LAC (#420), DAC (#416), and other recently fixed ModGov instances.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant