False broken link detected on instagram link

Hi @vbruzual

Sorry to hear you are having this issue.

Could you please click on the details of the report and copy/paste the content here?

I tested the Instagram link from your page but I got a 200 status which means not broken:

https://monosnap.com/file/pAE5hvceqMc57G7uHE7tzeIiixn4Us

Let us know the status that it shows for you.
Best Regards
Patrick Freitas

Here are the details. I pasted the two colums one after the other

Link last checked: 14/05/2021
HTTP code: 429
Response time: 0.463 seconds
Final URL: https://www.instagram.com/accounts/login/
Redirect count: 1
Instance count: 2

This link has failed 3 times.
This link has been broken for 5 days.

Log: === Code HTTP : 429 ===

Response headers
================
HTTP/2 302
content-type: text/html; charset=utf-8
location: https://www.instagram.com/accounts/login/
vary: Accept-Language, Cookie
content-language: en
date: Fri, 14 May 2021 01:17:36 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 44
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 0
x-ig-origin-region: atn
x-fb-trip-id: 1679558926
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

HTTP/2 429
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-language: en
date: Fri, 14 May 2021 01:17:37 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]}
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 44
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 20793
x-ig-origin-region: atn
x-fb-trip-id: 1679558926
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Request headers
================
GET /accounts/login/ HTTP/2
Host: www.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36
Accept: */*
Referer: https://bluevertsoul.fr
Connection: close
Range: bytes=0-2048

Response HTML
================
<!DOCTYPE html>
<html lang="en" class="no-js not-logged-in ">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">

<title>
Page Not Found &bull; Instagram
</title>

<meta name="robots" content="noimageindex, noarchive">
<meta name="apple-mobile-web-app-status-bar-style" content="default">
<meta name="mobile-web-app-capable" content="yes">
<meta name="theme-color" content="#ffffff">
<meta id="viewport" name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1, viewport-fit=cover">
<link rel="manifest" href="/data/manifest.json">

<script type="text/javascript">
(function() {
var docElement = document.documentElement;
var classRE = new RegExp('(^|\\s)no-js(\\s|$)');
var className = docElement.className;
docElement.className = className.replace(classRE, '$1js$2');
})();
</script>
<script type="text/javascript">
(function() {
if ('PerformanceObserver' in window && 'PerformancePaintTiming' in window) {
window.__bufferedPerformance = [];
var ob = new PerformanceObserver(function(e) {
window.__bufferedPerformance.push.apply(window.__bufferedPerformance,e.getEntries());
});
ob.observe({entryTypes:['paint']});
}

window.__bufferedErrors = [];
window.onerror = function(message, url, line, column, error) {
window.__bufferedErrors.push({
message: message,
url: url,
line: line,
column: column,
error: error
});
return false;
};
window.__initialData = {
pending: true,
waiting: []
};
function asyncFetchSharedData(extra) {
var sharedDataReq = new XMLHttpRequest();
sharedDataReq.onreadystatechange = function() {
if (sharedDataReq.readyState === 4) {
if(sharedDataReq.status === 200){
var sharedData = JSON.parse(sharedDataReq.responseText);
windo
Le lien est cassé.

Hi @vbruzual

Sorry for the delay here.

The error status is 429 which means too many requests

https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429

Sounds like Instagram limit the number of requests:

https://stackoverflow.com/questions/33477861/how-to-avoid-instagram-error-429-the-maximum-number-of-requests-per-hour-has-bee

https://stackoverflow.com/questions/49585077/instagram-api-limit-reduced-to-200-from-5000

We don’t use the API to access the links but this could be a similar issue here in case the number of Instagram links reach the allowed limit the Instagram will send an error header.

I reported this to our developers so we can look further on a future update if anything can be done to prevent this.

We can’t give an estimated time or if we will find a solution, but please, keep the plugin updated.

Let us know if you have any additional question.
Best Regards
Patrick Freitas

Thank you. I put instagram.com in the exclusion list until the issue is fixed.

Have the same problem and also an idea why this happens.

As I can see from the log snippet, Instagram is sending two HTTP responses in sequence.
429 and 302. 302 is a temporary redirect.
Instagram sends it because you are not logged in.

I also get the same result when I link to Instagram’s privacy policy.
This suggests that Instagram is responding to all HTTP HEAD requests that your plugin uses with a 429 HTTP response. I think this is due to search engine spiders possibly using the same approach and Instagram doesn’t want anything indexed by them.
This would explain Instagram’s behavior.

Of course, this assumption can only be confirmed or denied by Instagram itself but I am 99.9% sure that this is the case.

Hi @mumbomedia

You are correct.

Instagram (and some other services) kind of detect such URL check as “artificial” – it just considers it as bot/crawler that’s not authorized to do such request. It’s expecting such requests to be done over official API which is not yet implemented in the plugin.

There’s no simple way around it other than building-in a full API support into the plugin (and even then it would require you to authorize your site as “authorized app”) but I’m afraid I don’t have ETA/timeline on this at the moment.

Kind regards,
Adam