From 2f319b0c1e17606bb7a9d5dc8afe6ded58b1526a Mon Sep 17 00:00:00 2001
From: mayor <mayor@reflex.ai>
Date: Fri, 22 May 2026 17:20:02 -0700
Subject: [PATCH] fix: add User-Agent to bypass CloudFlare bot protection on
 api.tryreflex.ai

CloudFlare returns 403 (error 1010 'Browser Integrity Check') for requests
without a proper User-Agent header. Python's urllib defaults to
'Python-urllib/X.Y' which gets blocked.

Adds a 'reflex-quickstart/1.0' UA on both the Convex mutation POST and
the worker /health GET.
---
 quickstart_molmoact.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/quickstart_molmoact.py b/quickstart_molmoact.py
index d909ccd..eaf0e7d 100644
--- a/quickstart_molmoact.py
+++ b/quickstart_molmoact.py
@@ -85,7 +85,10 @@ def _convex_mutation(path: str, args: dict) -> dict:
         f"{CONVEX_URL}/api/mutation",
         data=body,
         method="POST",
-        headers={"content-type": "application/json"},
+        headers={
+            "content-type": "application/json",
+            "user-agent": "reflex-quickstart/1.0 (+https://github.com/reflex-inc/quickstart)",
+        },
     )
     try:
         with urllib.request.urlopen(req, timeout=30) as resp:
@@ -197,7 +200,11 @@ def run_inference(session: dict) -> None:
     t0 = time.perf_counter()
     try:
         req = urllib.request.Request(
-            health_url, headers={"Authorization": f"Bearer {token}"}
+            health_url,
+            headers={
+                "Authorization": f"Bearer {token}",
+                "user-agent": "reflex-quickstart/1.0 (+https://github.com/reflex-inc/quickstart)",
+            },
         )
         with urllib.request.urlopen(req, timeout=60) as resp:
             body = resp.read()