403 responses from the OJP data feeds
123 views
Skip to first unread message
Jon Cox
Sep 28, 2023, 11:28:49 AM9/28/23
to A gathering place for the Open Rail Data community
Hi,
My app uses the Online Journey Planner data feeds. Currently, every request from the backend to the OJP feeds is failing, with the following being returned:
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>
Interestingly, though, running the exact same request locally works. It's just on the backend it's failing. The backend runs on Google Cloud in the London region.
Journey planning in the official NRE app seems to be working, but there is at least one other 3rd party app for which it isn't working.
From my logs, it seems the problem first started around 10:26 this morning, 28 September.
I've tried emailing and calling the service desk, no response so far. If anyone has any ideas for what's causing the problem or how to workaround it, I'd be very keen to here them! Thank you.
Jon
Mike F (Hastings Line)
Sep 29, 2023, 5:31:09 AM9/29/23
to A gathering place for the Open Rail Data community
@Jon Cox - check that your calls are all https - the APIs used to accept plain http, but starting about a week ago are responding with 403 unless the call is https
Dorada
Sep 29, 2023, 6:45:02 AM9/29/23
to A gathering place for the Open Rail Data community
I see the same thing, even with https
~$ curl --user xxxx:xxxxx https://ojp.nationalrail.co.uk/webservices
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>
Jon Cox
Sep 29, 2023, 7:04:54 AM9/29/23
to A gathering place for the Open Rail Data community
Hi,
So I did get a response from the service desk in the end:
Apparently, yesterday morning, they made a change, and now external IP addresses that access the OJP API need to be whitelisted.
So yesterday afternoon/evening, I set up a static IP address that my backend uses to access the OJP API, and gave it to them. Late this morning, they have now whitelisted it, and the journey planner is working again.
So you'll need to:
1) Set up a static IP address your backend uses to call the OJP API.
2) Let them know about it - I'll privately send you the email addresses and phone number I have for them. I recommend emailing and phoning them until they get it fixed. They got it done relatively promptly, but I didn't get the impression they felt the same urgency I was feeling!
I've just sent them a long email with lots of questions about what exactly happened here and why. Because, as far as I can tell, I either didn't get or missed any communications about this change. And I don't understand why it works okay from my local machine (which isn't whitelisted), and why the journey planner official National Rail Enquires app seems to work, when it accesses the OJP API directly from the app itself (so how can the IP addresses be whitelisted?).
Overall, not an ideal situation! But if you can set up a static IP address to access the OJP, it is fixable.
Jon
Mike F (Hastings Line)
Sep 29, 2023, 7:09:30 AM9/29/23
to A gathering place for the Open Rail Data community
@Jon Cox, good to know
I checked again, it's the https://lite.realtime.nationalrail.co.uk/OpenLDBWS/ldb11.asmx SOAP call that is now enforcing https
I checked again, it's the https://lite.realtime.nationalrail.co.uk/OpenLDBWS/ldb11.asmx SOAP call that is now enforcing https
On Friday, 29 September 2023 at 11:45:02 UTC+1 Dorada wrote:
Reply all
Reply to author
Forward
0 new messages