Start 2025 on time and up to date. Seamlessly integrate your calendars into Dropbox with these simple steps.

Forum Discussion

GSean's avatar
GSean
New member | Level 2
12 months ago

HTTP request problem

Hi, I'm looking for help with the following HTTP request problem:

For my student app security project, I analyzed HTTP traffic between a third-party mobile app (Android) and its server, which is using CloudFront CDN.

For testing, I selected one of the requests from the existing HTTP traffic, along with its headers and request body. I began sending such requests to the server of the abovementioned mobile app. Moreover, with each sending, the request's body contains the specific parameters received from the user’s phone, so such requests cannot be classified as spam.

For about three weeks and with a frequency of about 20 times per hour, my requests passed through without errors; that is, in the response from the server, I received the 200 statuses along with the data.

However, starting at some point, I started receiving a 429 error with response headers, from which it is clear that I have exceeded the request rate limit, and this even though I am currently making no more than one request per hour: "x-envoy -ratelimited": "true".

Below is a copy of the headers that come in the server response along with error 429:

{

"content-length": "0",

"strict-transport-security": "max-age=15552000",

"x-content-type-options": "nosniff",

"x-envoy-ratelimited": "true",

"x-envoy-local-reply": "true",

"vary": "Accept-Encoding",

"date": "Wed, 31 Jan 2024 11:48:59 GMT",

"server": "envoy-iad",

"x-cache": "Error from cloudfront",

"via": "1.1 d8defd690c445023198cdbef1992d5f4.cloudfront.net (CloudFront)",

"x-amz-cf-pop": "ORD56-P2",

"alt-svc": "h3=\":443\"; ma=86400",

"x-amz-cf-id": "iHTg9k39NclExW_rlVGuEE3iLt4Q93b-zyXor4WOUueqAEOBo_HKaQ=="

}

I know for sure that the server limits on incoming traffic have not changed for my project, and I don’t receive a Retry-After header in the server response.

Question: has anyone encountered such a problem, and how can I get around it?

I will be grateful for any idea, even if it is not necessarily proven by experience.

  • This is a forum for help with the Dropbox API in particular. It looks like the error you're investigating is coming from CloudFront, not Dropbox, so we can't offer support for that.