Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
A small package providing methods for retrieving Strava's HTTP cookies needed to download Strava's global heatmap in high resolution.
stravacookies is a small Python package providing a few classes for retrieving HTTP cookies from Strava web servers.
These cookies allow web browsers to get the high-resolution version of the Global Strava Heatmap. The very same cookies can also be used by cartographic applications (such as JOSM and Cartograph Maps) to get Strava Heatmap tiles via Tile Map Service (TMS).
Permission to use the hi-res Strava Heatmap in JOSM has been granted by Strava, see https://wiki.openstreetmap.org/wiki/Strava and https://wiki.openstreetmap.org/wiki/Permissions/Strava
The hi-res Global Strava Heatmap is available to registered Strava users only. When you open https://www.strava.com/heatmap and log in to Strava, your browser receives several cookies that it includes in later requests in order to be granted permission to download the hi-res tiles of the Strava Heatmap.
The authentication process consists of three steps. In the login step the browser submits email=<STRAVA_EMAIL>, password=<STRAVA_PASSWORD> and the remember-me checkbox set, and in exchange receives the _strava4_session, strava_remember_id, and strava_remember_token cookies from the server. When the logged-in browser then requests the heatmap, it receives the CloudFront-Signature, CloudFront-Policy, and CloudFront-Key-Pair-Id cookies from the server. These last three cookies are the ones needed to download the high-res heatmap tiles. Appending their values to the TMS URL as query parameters (as shown below) allows external applications (such as JOSM or Cartograph Maps) to download the hi-res tiles from Strava.
Example of a TMS URL that can be used in JOSM to get the hi-res version of the Strava Heatmap:
tms[3,15]:https://heatmap-external-{switch:a,b,c}.strava.com/tiles-auth/run/hot/{zoom}/{x}/{y}.png?Key-Pair-Id=<YOUR_KEY_PAIR_ID_COOKIE_VALUE>&Policy=<YOUR_POLICY_COOKIE_VALUE>&Signature=<YOUR_SIGNATURE_COOKIE_VALUE>
Cookies expire, so it is necessary to re-login to Strava from time to time to get up to date cookies.
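The URL construction and the expiry caveat above, as an added example (this is not code from the stravacookies package): it builds the JOSM tms line from the three CloudFront cookies and reads the expiry that CloudFront embeds in the Policy cookie, so a client can tell when a re-login is due instead of waiting for tile requests to fail. Assumptions: the cookie values are constructed stand-ins (the key pair id, signature and the Resource pattern are placeholders, not real Strava values); decoding relies on CloudFront's documented URL-safe base64 variant and custom-policy JSON shape.

```python
# Added example, not code from the stravacookies package. Turns the three
# CloudFront cookies into the JOSM TMS URL and reads the expiry embedded in
# the CloudFront-Policy cookie. Cookie values are constructed for the example.
import base64
import json
import time
from urllib.parse import urlencode

CF_COOKIES = ("CloudFront-Key-Pair-Id", "CloudFront-Policy", "CloudFront-Signature")


def cf_b64decode(value: str) -> bytes:
    """Undo CloudFront's URL-safe base64 ('-' for '+', '_' for '=', '~' for '/')."""
    std = value.replace("-", "+").replace("_", "=").replace("~", "/")
    return base64.b64decode(std)


def cf_b64encode(raw: bytes) -> str:
    """CloudFront's URL-safe base64 variant; used here only to build sample cookies."""
    std = base64.b64encode(raw).decode("ascii")
    return std.replace("+", "-").replace("=", "_").replace("/", "~")


def policy_expiry(policy_cookie: str) -> int:
    """Epoch time after which CloudFront rejects the signed cookies, taken from
    the DateLessThan condition of the first policy statement."""
    policy = json.loads(cf_b64decode(policy_cookie))
    statement = policy["Statement"][0]
    return int(statement["Condition"]["DateLessThan"]["AWS:EpochTime"])


def seconds_remaining(cookies: dict, now=None) -> int:
    """Seconds until the cookies expire; negative means a re-login is needed."""
    now = time.time() if now is None else now
    return int(policy_expiry(cookies["CloudFront-Policy"]) - now)


def josm_tms_url(cookies: dict, activity: str = "run", color: str = "hot",
                 zoom_min: int = 3, zoom_max: int = 15) -> str:
    """Build the tms[min,max]:... line for JOSM from the three CloudFront cookies.
    The returned string carries bearer credentials: anyone holding it can fetch tiles."""
    missing = [name for name in CF_COOKIES if name not in cookies]
    if missing:
        raise ValueError(f"missing Strava cookies: {', '.join(missing)}")
    query = urlencode({
        "Key-Pair-Id": cookies["CloudFront-Key-Pair-Id"],
        "Policy": cookies["CloudFront-Policy"],
        "Signature": cookies["CloudFront-Signature"],
    })
    return (f"tms[{zoom_min},{zoom_max}]:https://heatmap-external-{{switch:a,b,c}}"
            f".strava.com/tiles-auth/{activity}/{color}/{{zoom}}/{{x}}/{{y}}.png?{query}")


def make_sample_cookies(expires_at: int) -> dict:
    """Constructed stand-in for the cookies a real login returns (NOT real Strava
    values); the policy shape follows AWS's documented custom-policy format."""
    policy = {"Statement": [{
        "Resource": "https://heatmap-external-*.strava.com/tiles-auth/*",  # placeholder
        "Condition": {"DateLessThan": {"AWS:EpochTime": expires_at}},
    }]}
    return {
        "CloudFront-Key-Pair-Id": "APKAEXAMPLEKEYPAIRID",  # placeholder
        "CloudFront-Policy": cf_b64encode(json.dumps(policy).encode()),
        "CloudFront-Signature": "abc123-placeholder_signature",  # placeholder
    }


if __name__ == "__main__":
    sample = make_sample_cookies(int(time.time()) + 3600)
    print(josm_tms_url(sample))
    print("cookies expire in", seconds_remaining(sample), "seconds")
```

The returned line is what goes into JOSM's imagery preferences. Because the query string embeds the signed cookies, treat that line like a password: keep it out of shared configuration files and screenshots, and regenerate it (re-login) once seconds_remaining drops to zero.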
To download all the needed Strava cookies, a Strava account (email/password) is required. Facebook/Google/Apple login to Strava is not supported. You can register with Strava at https://www.strava.com/register.
stravacookies is distributed under the GPL v3.0 licence.
FAQs
We found that stravacookies demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.