Description

This PR addresses the issue reported in #328, where API requests from camply to the GoingToCamp WA site were being blocked by DataDome, resulting in a 403 captcha error.

Upon examining the network requests on the GoingToCamp WA site, I observed that their API calls included a large set of HTTP headers, including those related to DataDome's bot protection. To isolate the essential headers required to prevent the API request from being rejected, I just copied the request and removed headers one by one. I identified that retaining only the User-Agent and Accept-Language headers circumvented the issue.

Further investigation into the DataDome Request Validation API revealed that the Accept-Language header is among the top headers validated by DataDome. Including this header makes our API requests appear more legitimate (which it is), aligning closely with typical user requests, thus avoiding immediate rejection.

It's important to clarify that this modification does not represent a bypass of the captcha mechanism but rather an enhancement to the request headers to align with validation checks. This approach is currently effective, but it is susceptible to changes should GoingToCamp WA update their bot protection strategies.

I'm aware of your comment about captchas #287 (comment), so please close this if this is not something you're into. Not intending to break captcha with this, just replicating the network request on their website more accurately with a single header addition.

Has This Been Tested?

Before

After

Checklist:

• I've read the contributing guidelines of this project
• I've installed and used .pre_commit on all my code
• I have documented my code, particularly in hard-to-understand areas
• I have made any necessary corresponding changes to the documentation