Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
The fast, robust, strongly-typed Google Flights scraper (API) implemented in Python.
Apparently, it's always a better approach to interact with the Internal Google APIs. I'm working on that, and I'll deliver the results soon if my experimental project works out well.
The fast and strongly-typed Google Flights scraper (API) implemented in Python. Based on Base64-encoded Protobuf string.
Documentation • Issues • Discussions
$ pip install fast-flights
TL;DR: To use fast-flights
, you'll first create a filter (for ?tfs=
) to perform a request.
Then, add flight_data
, trip
, seat
, passengers
to use the API directly.
from fast_flights import FlightData, Passengers, Result, get_flights
result: Result = get_flights(
flight_data=[
FlightData(date="2025-01-01", from_airport="TPE", to_airport="MYJ")
],
trip="one-way",
seat="economy",
passengers=Passengers(adults=2, children=1, infants_in_seat=0, infants_on_lap=0),
fetch_mode="fallback",
)
print(result)
# The price is currently... low/typical/high
print("The price is currently", result.current_price)
Properties & usage for Result
:
result.current_price
# Get the first flight
flight = result.flights[0]
flight.is_best
flight.name
flight.departure
flight.arrival
flight.arrival_time_ahead
flight.duration
flight.stops
flight.delay? # may not be present
flight.price
Useless enums: Additionally, you can use the Airport
enum to search for airports in code (as you type)! See _generated_enum.py
in source.
Airport.TAIPEI
╭─────────────────────────────────╮
│ TAIPEI_SONGSHAN_AIRPORT │
│ TAPACHULA_INTERNATIONAL_AIRPORT │
│ TAMPA_INTERNATIONAL_AIRPORT │
╰─────────────────────────────────╯
The EU region is a bit tricky to solve for now, but the fallback support should be able to handle it.
v2.0
– New (much more succinct) API, fallback support for Playwright serverless functions, and documentation!The other day, I was making a chat-interface-based trip recommendation app and wanted to add a feature that can search for flights available for booking. My personal choice is definitely Google Flights since Google always has the best and most organized data on the web. Therefore, I searched for APIs on Google.
🔎 Search
google flights api
The results? Bad. It seems like they discontinued this service and it now lives in the Graveyard of Google.
🧏♂️ duffel.com
Google Flights API: How did it work & what happened to it?The Google Flights API offered developers access to aggregated airline data, including flight times, availability, and prices. Over a decade ago, Google announced the acquisition of ITA Software Inc. which it used to develop its API. However, in 2018, Google ended access to the public-facing API and now only offers access through the QPX enterprise product.
That's awful! I've also looked for free alternatives but their rate limits and pricing are just 😬 (not a good fit/deal for everyone).
However, Google Flights has their UI – flights.google.com. So, maybe I could just use Developer Tools to log the requests made and just replicate all of that? Undoubtedly not! Their requests are just full of numbers and unreadable text, so that's not the solution.
Perhaps, we could scrape it? I mean, Google allowed many companies like Serpapi to scrape their web just pretending like nothing happened... So let's scrape our own.
🔎 Search
google flightsapiscraper pypi
Excluding the ones that are not active, I came across hugoglvs/google-flights-scraper on Pypi. I thought to myself: "aint no way this is the solution!"
I checked hugoglvs's code on GitHub, and I immediately detected "playwright," my worst enemy. One word can describe it well: slow. Two words? Extremely slow. What's more, it doesn't even run on the 🗻 Edge because of configuration errors, missing libraries... etc. I could just reverse try.playwright.tech and use a better environment, but that's just too risky if they added Cloudflare as an additional security barrier 😳.
Life tells me to never give up. Let's just take a look at their URL params...
https://www.google.com/travel/flights/search?tfs=CBwQAhoeEgoyMDI0LTA1LTI4agcIARIDVFBFcgcIARIDTVlKGh4SCjIwMjQtMDUtMzBqBwgBEgNNWUpyBwgBEgNUUEVAAUgBcAGCAQsI____________AZgBAQ&hl=en
Param | Content | My past understanding |
---|---|---|
hl | en | Sets the language. |
tfs | CBwQAhoeEgoyMDI0LTA1LTI4agcIARID… | What is this???? 🤮🤮 |
I removed the ?tfs=
parameter and found out that this is the control of our request! And it looks so base64-y.
If we decode it to raw text, we can still see the dates, but we're not quite there — there's too much unwanted Unicode text.
Or maybe it's some kind of a data-storing method Google uses? What if it's something like JSON? Let's look it up.
🔎 Search
google's json alternative
🐣 Result
Solution: The Power of Protocol BuffersLinkedIn turned to Protocol Buffers, often referred to as protobuf, a binary serialization format developed by Google. The key advantage of Protocol Buffers is its efficiency, compactness, and speed, making it significantly faster than JSON for serialization and deserialization.
Gotcha, Protobuf! Let's feed it to an online decoder and see how it does:
🔎 Search
protobuf decoder
🐣 Result
protobuf-decoder.netlify.app
I then pasted the Base64-encoded string to the decoder and no way! It DID return valid data!
I immediately recognized the values — that's my data, that's my query!
So, I wrote some simple Protobuf code to decode the data.
syntax = "proto3"
message Airport {
string name = 2;
}
message FlightInfo {
string date = 2;
Airport dep_airport = 13;
Airport arr_airport = 14;
}
message GoogleSucks {
repeated FlightInfo = 3;
}
It works! Now, I won't consider myself an "experienced Protobuf developer" but rather a complete beginner.
I have no idea what I wrote but... it worked! And here it is, fast-flights
.
Yes, please: github.com/AWeirdDev/flights
(c) 2024 AWeirdDev
FAQs
The fast, robust, strongly-typed Google Flights scraper (API) implemented in Python.
We found that fast-flights demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.