Description
When running dcli sync from a Homebrew-installed (pkg-bundled) binary, Cloudflare returns a 403 - "Sorry, you have been blocked" error on Dashlane's authentication endpoints (e.g. GetAuthenticationMethodsForDevice).
This was previously reported in #359, which was closed with the mention that the issue was solved internally. However, the problem is still present as of the latest available release.
Root cause
pkg embeds Node.js v22.11.0 with OpenSSL 3.0.15, whose default TLS fingerprint (JA3 0cce74b0d9b7f8528fb2181588d23793) is flagged and blocked by Cloudflare's WAF rules on Dashlane's API endpoints.
This only affects the packaged binary - running dcli sync via node dist/index.cjs works fine.
Steps to reproduce
- Install dcli via Homebrew (brew install dashlane/tap/dashlane-cli) or build the pkg binary with yarn pkg:macos-arm
- Run dcli sync
- Observe a 403 Cloudflare block response
Expected behavior
dcli sync should successfully reach Dashlane's API without being blocked by Cloudflare.
Environment
- OS: macOS (ARM64)
- dcli: installed via Homebrew (pkg-bundled binary, node22-macos-arm64 target)
- pkg: @yao-pkg/pkg@6.1.1
Related
- PR fix: override TLS fingerprint to prevent Cloudflare WAF blocks on pkg binaries #359 - proposed a TLS fingerprint override fix (closed, not merged)
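
An added example, not part of the original report or of the Dashlane CLI code base: how a JA3 value like the one quoted under "Root cause" is derived from a TLS ClientHello. It shows that the hash depends only on what the TLS stack offers (ciphers, extensions, groups, point formats, in order), which is why it follows the runtime bundled into the binary rather than the application code. The helper names and the sample bytes are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// GREASE values (RFC 8701: 0x0a0a, 0x1a1a, ... 0xfafa) are excluded from JA3.
const isGrease = (v) => (v & 0x0f0f) === 0x0a0a && (v >> 8) === (v & 0xff);

// Big-endian 16-bit values in buf[start, end), with GREASE values dropped.
function u16List(buf, start, end) {
  const out = [];
  for (let i = start; i + 1 < end; i += 2) out.push(buf.readUInt16BE(i));
  return out.filter((v) => !isGrease(v));
}

// hello: ClientHello body (the bytes after the 4-byte handshake header).
// Assumes an extensions block is present; throws on truncated input.
function ja3(hello) {
  let p = 34;                              // version (2) + client random (32)
  p += 1 + hello[p];                       // skip session id
  const csLen = hello.readUInt16BE(p);
  const ciphers = u16List(hello, p + 2, p + 2 + csLen);
  p += 2 + csLen;
  p += 1 + hello[p];                       // skip compression methods
  const exts = [], groups = [], formats = [];
  const end = p + 2 + hello.readUInt16BE(p);
  p += 2;
  while (p + 4 <= end) {
    const type = hello.readUInt16BE(p), len = hello.readUInt16BE(p + 2);
    const body = p + 4;
    if (!isGrease(type)) exts.push(type);
    if (type === 10) groups.push(...u16List(hello, body + 2, body + len));   // supported_groups
    if (type === 11) formats.push(...hello.subarray(body + 1, body + len));  // ec_point_formats
    p = body + len;
  }
  const text = [hello.readUInt16BE(0), ciphers.join('-'), exts.join('-'),
    groups.join('-'), formats.join('-')].join(',');
  return { text, hash: crypto.createHash('md5').update(text).digest('hex') };
}

// Constructed sample input (not a capture): minimal ClientHello with a GREASE
// extension, supported_groups (x25519, secp256r1) and ec_point_formats.
const u16 = (...v) => Buffer.from(v.flatMap((x) => [x >> 8, x & 0xff]));
const ext = (type, data) => Buffer.concat([u16(type, data.length), data]);
function sampleHello(ciphers) {
  const cs = u16(...ciphers);
  const exts = Buffer.concat([ext(0x0a0a, u16()), ext(10, u16(4, 29, 23)),
    ext(11, Buffer.from([1, 0]))]);
  return Buffer.concat([u16(0x0303), Buffer.alloc(33), u16(cs.length), cs,
    Buffer.from([1, 0]), u16(exts.length), exts]);
}
```

Two runtimes that offer the same cipher suites in a different order produce different hashes, while a client that only adds GREASE values keeps the same one.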