Hey,
I'm working on a Chrome extension that sends a trade request via a fetch POST request to Steam, but I'm consistently getting a 403 Forbidden error(even if I reset my IP). I've double-checked everything related to cookies and I'm pretty sure those are correct.
I'm wondering if this issue might be because I'm trying to send the request directly from the extension. Should I consider sending the trade request through a server instead? Or is there a way to make it work directly through the Chrome extension?
Here's the code I'm currently using to send the request:
async function sendTradeOffer(sessionID, partnerSteamID, tradeToken, itemsFromMe, itemsFromThem, cookies) {
const tradeOffer = {
newversion: true,
version: 2,
me: {
assets: itemsFromMe, // [{ appid: 440, contextid: '2', amount: 1, assetid: '14765659647' }]
currency: [],
ready: false
},
them: {
assets: itemsFromThem, // []
currency: [],
ready: false
}
};
const params = tradeToken ? { trade_offer_access_token: tradeToken } : {};
try {
const response = await fetch(`https://steamcommunity.com/tradeoffer/new/send`, {
method: 'POST',
headers: {
'content-type': 'application/x-www-form-urlencoded',
'cookie': cookies, // browserid=xxx; steamLoginSecure=xxx%7C%7Cxxx; sessionid=xxx
'referer': `https://steamcommunity.com/tradeoffer/new/?partner=${partnerSteamID}${tradeToken ? `&token=${tradeToken}` : ''}`
},
body: new URLSearchParams({
sessionid: sessionID,
serverid: 1,
partner: partnerSteamID.toString(),
tradeoffermessage: '',
json_tradeoffer: JSON.stringify(tradeOffer),
captcha: '',
trade_offer_create_params: JSON.stringify(params),
tradeofferid_countered: ''
})
});
if (!response.ok) {
throw new Error(`HTTP error! status: ${response.status}`);
}
const data = await response.json();
console.log(data);
return data;
} catch (error) {
console.error('Error during trade offer:', error);
return { error };
}
}
