Fix Google consent wall breaking all searches

Google started enforcing EU consent redirects that the hardcoded
SOCS/CONSENT cookies no longer bypass. Replace static cookie approach
with dynamic consent handling: follow redirect chains, detect consent
forms, submit acceptance, and resume the flights request.

Release v1.6.1

Author: guitaripod

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "flyr-cli"
-version = "1.6.0"
+version = "1.6.1"
 edition = "2021"
 description = "Search Google Flights from the terminal"
 license = "GPL-3.0"
@@ -29,6 +29,7 @@ comfy-table = "7"
 open = "5"
 rmcp = { version = "0.15", features = ["server", "transport-io"] }
 schemars = "1"
+urlencoding = "2.1.3"
 
 [dev-dependencies]
 assert_cmd = "2"

Cargo.toml

@@ -285,7 +285,7 @@ In human mode, errors go to stderr.
 
 1. **Query encoding** -- Flight parameters are protobuf-encoded (hand-rolled encoder, ~130 LOC) and base64-encoded into the `tfs` URL parameter, matching what Google Flights expects.
 
-2. **HTTP request** -- Uses [wreq](https://github.com/nickel-org/wreq) (reqwest fork) with Chrome 137 TLS fingerprint emulation to avoid bot detection. Pre-loads GDPR consent cookies to bypass the EU consent wall.
+2. **HTTP request** -- Uses [wreq](https://github.com/nickel-org/wreq) (reqwest fork) with Chrome 137 TLS fingerprint emulation to avoid bot detection. Automatically handles Google's EU consent wall by detecting consent redirects and submitting the acceptance form.
 
 3. **HTML parsing** -- Extracts the `<script class="ds:1">` tag, isolates the `data:` JSON payload, parses with serde_json.
 
@@ -341,7 +341,7 @@ src/
 ├── mcp.rs      Built-in MCP server (rmcp, stdio transport)
 ├── proto.rs    Hand-rolled protobuf encoder (~130 LOC)
 ├── query.rs    Query building, validation, URL param generation
-├── fetch.rs    HTTP client with Chrome TLS impersonation + GDPR cookies
+├── fetch.rs    HTTP client with Chrome TLS impersonation + consent handling
 ├── parse.rs    HTML script extraction + JSON payload navigation
 ├── model.rs    All data types (Serialize + Debug + Clone)
 ├── table.rs    Human-readable table rendering with currency symbols

README.md

@@ -1,6 +1,7 @@
 use std::sync::Arc;
 use std::time::Duration;
 
+use scraper::{Html, Selector};
 use wreq::Client;
 use wreq::cookie::Jar;
 use wreq_util::Emulation;
@@ -17,6 +18,7 @@ fn cache_buster() -> String {
 }
 
 const BASE_URL: &str = "https://www.google.com/travel/flights";
+const MAX_REDIRECTS: u8 = 10;
 
 #[derive(Clone)]
 pub struct FetchOptions {
@@ -33,17 +35,102 @@ impl Default for FetchOptions {
     }
 }
 
+fn is_redirect(status: u16) -> bool {
+    matches!(status, 301 | 302 | 303 | 307 | 308)
+}
+
+fn extract_location(response: &wreq::Response) -> Option<String> {
+    response
+        .headers()
+        .get("location")
+        .and_then(|v| v.to_str().ok())
+        .map(String::from)
+}
+
+fn extract_consent_form(html: &str) -> Option<String> {
+    let document = Html::parse_document(html);
+    let form_sel = Selector::parse("form[action=\"https://consent.google.com/save\"]").ok()?;
+    let input_sel = Selector::parse("input[type=\"hidden\"]").ok()?;
+
+    let form = document.select(&form_sel).next()?;
+
+    let mut fields: Vec<(String, String)> = Vec::new();
+    for input in form.select(&input_sel) {
+        if let (Some(name), Some(value)) = (input.attr("name"), input.attr("value")) {
+            fields.push((name.to_string(), value.to_string()));
+        }
+    }
+
+    if fields.is_empty() {
+        return None;
+    }
+
+    Some(
+        fields
+            .iter()
+            .map(|(k, v)| format!("{}={}", urlencoding::encode(k), urlencoding::encode(v)))
+            .collect::<Vec<_>>()
+            .join("&"),
+    )
+}
+
+async fn follow_redirects(client: &Client, start_url: &str) -> Result<String, FlightError> {
+    let mut url = start_url.to_string();
+
+    for _ in 0..MAX_REDIRECTS {
+        let response = client
+            .get(&url)
+            .send()
+            .await
+            .map_err(error::from_http_error)?;
+
+        let status = response.status().as_u16();
+
+        if is_redirect(status) {
+            url = extract_location(&response)
+                .ok_or_else(|| FlightError::JsParse("redirect without location".into()))?;
+            continue;
+        }
+
+        match status {
+            200 => {}
+            429 => return Err(FlightError::RateLimited),
+            403 | 503 => return Err(FlightError::Blocked(status)),
+            s if s >= 400 => return Err(FlightError::HttpStatus(s)),
+            _ => {}
+        }
+
+        let html = response.text().await.map_err(error::from_http_error)?;
+
+        if let Some(form_body) = extract_consent_form(&html) {
+            let save_resp = client
+                .post("https://consent.google.com/save")
+                .header("content-type", "application/x-www-form-urlencoded")
+                .body(form_body)
+                .send()
+                .await
+                .map_err(error::from_http_error)?;
+
+            if is_redirect(save_resp.status().as_u16()) {
+                url = extract_location(&save_resp)
+                    .ok_or_else(|| FlightError::JsParse("consent save: no redirect".into()))?;
+                continue;
+            }
+
+            return Err(FlightError::Blocked(save_resp.status().as_u16()));
+        }
+
+        return Ok(html);
+    }
+
+    Err(FlightError::Blocked(302))
+}
+
 pub async fn fetch_html(
     params: &[(String, String)],
     options: &FetchOptions,
 ) -> Result<String, FlightError> {
     let jar = Arc::new(Jar::default());
-    let url: wreq::Uri = "https://www.google.com".parse().unwrap();
-    jar.add(
-        "SOCS=CAESEwgDEgk2MjA5NDM1NjAaAmVuIAEaBgiA_Le-Bg",
-        &url,
-    );
-    jar.add("CONSENT=PENDING+987", &url);
 
     let mut builder = Client::builder()
         .emulation(Emulation::Chrome137)
@@ -61,21 +148,15 @@ pub async fn fetch_html(
     let mut params = params.to_vec();
     params.push(("cx".to_string(), cache_buster()));
 
-    let response = client
-        .get(BASE_URL)
-        .query(&params)
-        .send()
-        .await
-        .map_err(error::from_http_error)?;
-
-    let status = response.status().as_u16();
-    match status {
-        200 => {}
-        429 => return Err(FlightError::RateLimited),
-        403 | 503 => return Err(FlightError::Blocked(status)),
-        _ if status >= 400 => return Err(FlightError::HttpStatus(status)),
-        _ => {}
+    let mut start_url = format!("{BASE_URL}?");
+    for (i, (k, v)) in params.iter().enumerate() {
+        if i > 0 {
+            start_url.push('&');
+        }
+        start_url.push_str(&urlencoding::encode(k));
+        start_url.push('=');
+        start_url.push_str(&urlencoding::encode(v));
     }
 
-    response.text().await.map_err(error::from_http_error)
+    follow_redirects(&client, &start_url).await
 }

src/fetch.rs

@@ -25,7 +25,7 @@ fn top_level_version() {
         .arg("--version")
         .assert()
         .success()
-        .stdout(predicate::str::contains("flyr 1.6.0"));
+        .stdout(predicate::str::contains("flyr 1.6.1"));
 }
 
 #[test]