Unexpected token 'Y'

Question

Unexpected token 'Y'

Closed this issue 10 months ago · 11 comments

ru44 commented 10 months ago

I believe there is issue in pwned tool

e.g. pwned ba loka@gmail.com

Unexpected token 'Y', "your reque"... is not valid JSON

is it only me?

Answer 1 · 2023-10-26T00:01:13.000Z

I haven't paid for an API key so I can't test the ba command while authenticated, but seems to do what it's supposed to do while unauthenticated and the other commands that don't require an API key are all working.

What version of pwned?
What version of Node.js?
What operating system?

Answer 2 · 2023-11-01T19:40:25.000Z

OS: blackarch
Node: v18.17.1
pwned: 2221.f3df0eb

Answer 3 · 2023-11-01T19:59:29.000Z

2221.f3df0eb

That's not a valid version of pwned (latest published is 11.0.0), but that partial commit hash does match a commit from a few days ago so I'm guessing you're using a custom version built from source or something similar.

Do you get any different results running the distributed version via npx?

npx pwned ba loka@gmail.com

What about commands that don't require a paid API key like:

pwned pw password

Answer 4 · 2023-11-02T09:17:28.000Z

yea even when I run

npx pwned ba loka@gmail.com

getting the same but the free

npx pwned pw admin

its working fine

Answer 5 · 2023-11-03T00:37:15.000Z

Try hitting the API directly with curl like so (replacing [YOUR_API_KEY] with your actual key):

curl --header "HIBP-API-Key: [YOUR_API_KEY]" -i https://haveibeenpwned.com/api/v3/breachedaccount/loka%40gmail.com

Then tell me whatever you can about the results without revealing anything you consider private information.

Answer 6 · 2023-11-05T16:35:46.000Z

@ru44 I had to renew my API key to implement some new features in another project and I was able to retrieve your breached account information just fine.

Answer 7 · 2023-11-05T17:21:18.000Z

I see but still not working because when I run npx pwned ba loka@gamil.com
I get

Answer 8 · 2023-11-05T17:22:42.000Z

Not sure what that could be other than something unusual on your end. Did you try the curl command to see if you get a reasonable response from the HIBP API directly?

Answer 9 · 2023-11-05T18:19:58.000Z

no not really how do I do that?

Answer 10 · 2023-11-05T18:44:42.000Z

no not really how do I do that?

#239 (comment)

Answer 11 · 2023-11-12T00:02:51.000Z

@ru44 I was just able to successfully use pwned to look up your account in blackarch, so I'm going to close this as I don't see anything indicating it's a problem with the tool. Feel free to try the curl command I mentioned above, as it may reveal the next troubleshooting step.

Good luck!