- How does the problem look like?
cannot download https://herowo.akamaized.net/maps/Island%20of%20Fire/combined.json - 403 error - response message: Expected Referer
- What exactly did you do to trigger it?
A screenshot or video would be fantastic.
Probably a CDN problem. Must be fixed now.
But sometimes its working! :)
Uh, wait, you have empty Referer value? And only “sometimes”? Does it mean at other times your Referer is non-empty?
I suspect this may be caused by Referrer-Policy - HTTP | MDN which as seen on your first screenshot is at its default value of strict-origin-when-cross-origin:
Send the origin, path, and querystring when performing a same-origin request. For cross-origin requests send the origin (only) when the protocol security level stays same (HTTPS→HTTPS). Don’t send the Referer header to less secure destinations (HTTPS→HTTP).
herowo.game is using two static servers: Akamai CDN herowo.akamaized.net and in-house live-media.herowo.game. When it does not work, does the URL point to Akamai? When it does work, does it point to live-media? Also, when it does and doesn’t work, what is the Referer?
This behaviour is weird because regardless of the static server URL, strict-origin-when-cross-origin must only truncate Referer but not remove it altogether like on your second screenshot.
CDN seems to cause various erratic problems so I have disabled it for now. Also disabled the Referer check as it was failing for legit requests (Elmore) even though I personally couldn’t reproduce it.