speicher Posted September 10, 2016 Report Posted September 10, 2016 at least since 24 hours the mobile confirmations not working anymore. was there an steam update which has destroyed your plugin functionality? or are the steam servers are just broken and steam don't care about it? i found more people with the same problem, who saying it is just showing "Invalid session errors": https://www.reddit.com/r/SteamBot/comments/51x5ty/question_current_trade_status/ the website https://steamstat.us/ is switching the whole day between "normal" and "100.0% Failed Trades" as well. Quote
Dr. McKay Posted September 10, 2016 Report Posted September 10, 2016 Confirmations work fine for me. Quote
speicher Posted September 10, 2016 Author Report Posted September 10, 2016 i am using startConfirmationChecker with a 20 sec interval and i call manually after every trade checkConfirmations();. this was working very well. is there an debug option, so that i can see the new error message? Quote
speicher Posted September 10, 2016 Author Report Posted September 10, 2016 i guess, i have found it. confirmations.js after line 195:console.log('error: '+ response); console.log('response: '+ err); console.log('body: '+ body); Quote
speicher Posted September 10, 2016 Author Report Posted September 10, 2016 looks like rate limiting (error 429). i have tons of failed trades. is there an option to bind each bot on a different ip address?Accepted trade request error: undefined response: Error: HTTP error 429 body: undefined Found 552 CS:GO items in my inventory. Add item: Dual Berettas | Dualing Dragons (Minimal Wear) Found 8 Steam items in my inventory. User clicked ready Confirming Trade Trade completed: pending error: undefined response: Error: HTTP error 429 body: undefined [#XXXXXXXXX] Trade State: 2 Offer accepted error: [object Object] response: null error: [object Object] response: null body: [object Object] Ready for trading. error: [object Object] response: null body: [object Object] error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined We have 65 friends. error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined response: Error: HTTP error 429 body: undefined error: undefined Quote
speicher Posted September 10, 2016 Author Report Posted September 10, 2016 ok, i have increased the "startConfirmationChecker" interval from 20 to 60 seconds and each bot has now an own ip address through "new SteamCommunity(bla)". looks like it's working now. error: null error: null error: null error: null error: null error: null Quote
Dr. McKay Posted September 10, 2016 Report Posted September 10, 2016 Glad you got that resolved. For future reference, you could do community.on('debug', console.log); for debug output. Quote
Lagg Posted September 11, 2016 Report Posted September 11, 2016 (edited) I'm sorry but I have to say something here. Are you kidding me? You realize that "hurp durp I'll just use moar IPs!" is contributing to the ever ensuing DDoS Valve faces because of bad code, and therefore leads to even more draconian throttling policies. Can you not just write responsibly? Better yet, competently? Or is ruining what little useful tools Valve accidentally provides for the community the primary goal? Is it not clear the very obvious cause and effect involved in these recent throttling updates? Edited September 11, 2016 by Lagg Quote
speicher Posted September 11, 2016 Author Report Posted September 11, 2016 if you have no idea what you talking about, then better write nothing. steam itself is ajax looping for many services e.g. for the notifications. based on you logic, 1 call per steam account, which is looping before every 20 seconds (now 60 seconds) - for new mobile confirmations - is a (D)DOS attack? lmao. obv, you have no idea what you talking about. do you even know, how many request a browser is doing when you surf on a website? obv, not. by the way, valve has not "accidentally provided these tools", they was developed by Dr. McKay and seishun. @Dr. McKay thank you. i will use it next time. i have dropped you another paypal donation. keep up the good work! Quote
Lagg Posted September 11, 2016 Report Posted September 11, 2016 based on you logic, 1 call per steam account, which is looping before every 20 seconds (now 60 seconds) - for new mobile confirmations - is a (D)DOS attack? lmao. obv, you have no idea what you talking about. do you even know, how many request a browser is doing when you surf on a website? obv, not. Yes. That polling is more likely than not one of the roots of the problem. You have X accounts logged in concurrently, and given the above I'm guessing you don't use any kind of self-rate limiting to avoid 15-30 of those bots trying to request the confirmations at the same time if they happen to finish the 60 second loop at the same time. If you log in a bot, start that timer, then log in the next bot, then start that timer. You're only giving a few seconds of actual limiting to your requests and that's where the 429s come from. Thousands of people writing bad code like this is by its definition a DDoS because it fills valve's servers with requests to the extent that it starts missing caches, returning errors or otherwise acting strangely. Binding each bot to a new IP is going to make it work, but good luck fixing the next throttling policy valve implements because of this stupidity. Because having a new IP doesn't change the simple fact that you have bad polling code. It just means you're fooling valve's checks. And they're going to care more about their own systems functioning for their own purposes before they consider the community's projects. Eventually "hurp durp I'll just spam some more from a new IP" isn't going to matter anymore when they finally decide to enact a global captcha policy or something of the like because of exactly the same kind of abuse and rate limit bypassing you're doing. Given that browsers don't work like this and that there is a massive difference between concurrent requests to download assets and concurrent requests to download dynamic pages, that's not a very applicable statement. But okay. Let's pretend for a minute that browsers did work like what you're doing. The closest equivalent I can think of would be a site that started 1 timer X times to pull a different URL through ajax. Does starting 20 (just as an example number) near-concurrent ajax requests seem like normal browser behavior to you or insane spamming? Well, consider Steam Inventory Helper and the fact that there's now a new captcha on the pages it abused. by the way, valve has not "accidentally provided these tools", they was developed by Dr. McKay and seishun. Valve accidentally gave a useful way of sending trades as a byproduct of their new system. Mckay wrote one of the better libs implementing them. I assumed this statement was self-explanatory. Quote
Dr. McKay Posted September 12, 2016 Report Posted September 12, 2016 The most effective way to handle confirmations (in terms of on your end, on the user experience, and on Steam servers) is to just check confirmations manually whenever you send/accept an offer that requires confirmation. Try a couple times if you have to (no more than 3) if it isn't in the list, and if it isn't then just cancel the offer and give the user an error. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.