I am trying to write a GET http call to a site to get game scores. I figured out the x-hsci-auth-token token and it uses Akamai Edge Authorization Token. I get good responses for all but 1 request.
For this one request, I get 204 and "No Content". But the same request returns valid response in the Chrome's DevTools. I am not sure what I am missing here.
{
status: 204,
statusText: 'No Content',
headers: Headers {
'x-hsci-cache-time': '2025-04-05T22:59:49.093Z',
expires: 'Sat, 05 Apr 2025 22:59:49 GMT',
'cache-control': 'max-age=0, no-cache, no-store',
pragma: 'no-cache',
date: 'Sat, 05 Apr 2025 22:59:49 GMT',
connection: 'keep-alive',
'access-control-allow-headers': 'Content-Type,Authorization,x-hsci-auth-token',
'access-control-expose-headers': 'x-hsci-pwa-cache,x-hsci-cache-time,st-access-token,st-refresh-token',
'access-control-allow-credentials': 'true',
'access-control-allow-origin': 'https://www.<website>.com'
},
body: null,
bodyUsed: false,
ok: true,
redirected: false,
type: 'basic',
url: '<endpoint url>'
}
I saw the browser did a Preflight request. I even tried the same payload with OPTIONS request and got 200 back.
Edit: My main goal so to GET the contents. I was trying OPTIONS to see if there were any issues with the authentication or my headers. Since this works, I am guessing I am missing something else.
{
status: 200,
statusText: 'OK',
headers: Headers {
'content-type': 'text/html',
'content-length': '2',
expires: 'Sat, 05 Apr 2025 23:03:24 GMT',
'cache-control': 'max-age=0, no-cache, no-store',
pragma: 'no-cache',
date: 'Sat, 05 Apr 2025 23:03:24 GMT',
connection: 'keep-alive',
'access-control-allow-headers': 'Content-Type,Authorization,x-hsci-auth-token',
'access-control-expose-headers': 'x-hsci-pwa-cache,x-hsci-cache-time,st-access-token,st-refresh-token',
'access-control-allow-credentials': 'true',
'access-control-allow-origin': 'https://www.<website>.com'
},
body: ReadableStream { locked: false, state: 'readable', supportsBYOB: true },
bodyUsed: false,
ok: true,
redirected: false,
type: 'basic',
url: '<endpoint url>'
}
I am using the same request headers in my fetch() requests. So, not sure why this one particular endpoint returns nothing.
const response = await fetch(BASE_API_URL + path, {
method: 'GET',
headers: {
"x-hsci-auth-token": <edgeAuth token>,
"Origin": "https://www.<website>.com",
"Referer": "https://www.<website>.com/",
"accept": "*/*",
"accept-encoding": "gzip, deflate, br, zstd",
"sec-fetch-mode": "cors",
"sec-fetch-site": "same-site",
"sec-fetch-dest": "empty",
},
})
Could you check all the headers and flags your browser includes when sending the request? I ran into the same issue on another project and resolved it by replicating all those user-agent headers and related parameters.