Google Books API gotcha, internal IP address, 503 “Cannot determine user location.”

The new Google Books API, just like the old, recommends you send the actual client IP address using an X-forwarded-for header. 

If your server that’s making the requests is running on an internal NAT’d network, like many academic institutions, then client browsers on that internal network too may have internal/private IP addresses as far as your server is concerned.

The old Google API, if you sent one of those private IP’s in an X-forwarded-for to Google, Google would presumably just ignore it.

The new Google API, you’ll actually get an error message, HTTP 503 response code, with json body:

{"error"=>{"message"=>"Cannot determine user location.", "code"=>503, "errors"=>[{"message"=>"Cannot determine user location.", "domain"=>"global", "reason"=>"unknownLocation"}]}}

I’d consider this a bug/mis-design myself — you aren’t required to send an X-Forwarded-For to Google at all.  But if you do send one, the fact that you need to be careful to avoid sending private/internal ones requires more complexity in your code (that wouldn’t have occured to you from the documentation, or until you see this blog post or the error in your logs) for no real reason.

So meanwhile, let this be a warning, filter those out before sending em to the Google Books API.

Also, beware that X-Forwarded-For header. While it looks like a familiar pseudo-standard HTTP header,  the typical X-Forwarded-For allows you to send a comma-seperated chain of IP addresses for multiple proxies.  Last time I checked, if you sent that to Google you’d get a 5xx error — haven’t checked with the new API though, but test it out, or avoid it.

This entry was posted in General. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s