Web API for Username to UserID produces abnormal results

Bug Reports Website Bugs
#1

Using the Web API to convert usernames to userID (such as here on the DevForums and using ShortBlox) for any invalid accounts on the platform, the API returns an user ID of zero which causes abnormal redirect for any logged in users.

Specifically, it returns the user ID 0 which shows the user’s own profile instead of 404.

Unknown start date and to reproduce

System logs - wget

wget log: (as a logged out user)

railworks2@Rail-PC:~$ wget https://user.rblx.name/railworks69  
--2020-10-22 15:34:35--  https://user.rblx.name/railworks69
Resolving user.rblx.name (user.rblx.name)... 104.27.138.65, 104.27.139.65, 172.67.209.19, ...
Connecting to user.rblx.name (user.rblx.name)|104.27.138.65|:443... connected
HTTP request sent, awaiting response... 301 Moved Permanently 

Location: https://www.roblox.com/users/profile?username=railworks69 [following]
--2020-10-22 15:34:35--  https://www.roblox.com/users/profile?username=railworks69
Resolving www.roblox.com (www.roblox.com)... 128.116.119.3
Connecting to www.roblox.com (www.roblox.com)|128.116.119.3|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: /users/0/profile [following]
--2020-10-22 15:34:35--  https://www.roblox.com/users/0/profile
Reusing existing connection to www.roblox.com:443. 
HTTP request sent, awaiting response... 302 Found

Location: https://www.roblox.com/request-error?code=404 [following]
--2020-10-22 15:34:35--  https://www.roblox.com/request-error?code=404
Reusing existing connection to www.roblox.com:443.
HTTP request sent, awaiting response... 404 Not Found
2020-10-22 15:34:36 ERROR 404: Not Found.

wget logs: (as logged in as me)

railworks2@Rail-PC:~$ wget https://user.rblx.name/railworks69 --header "Cookie: .ROBLOSECURITY=REDACTED"
--2020-10-22 15:58:30--  https://user.rblx.name/railworks69
Resolving user.rblx.name (user.rblx.name)... 104.27.139.65, 172.67.209.19, 104.27.138.65, ...
Connecting to user.rblx.name (user.rblx.name)|104.27.139.65|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently

Location: https://www.roblox.com/users/profile?username=railworks69 [following]
--2020-10-22 15:58:30--  https://www.roblox.com/users/profile?username=railworks69
Resolving www.roblox.com (www.roblox.com)... 128.116.119.3
Connecting to www.roblox.com (www.roblox.com)|128.116.119.3|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: /users/8403307/profile [following]

--2020-10-22 15:58:30--  https://www.roblox.com/users/8403307/profile
Reusing existing connection to www.roblox.com:443.
HTTP request sent, awaiting response... 200 OK
Length: 100660 (98K) [text/html]
Saving to: ‘railworks69’
2020-10-22 15:58:31 (805 KB/s) - ‘railworks69’ saved [100660/100660]```

If you require any further specifics or details, let me know.

7 Likes
#2

I have a feeling this could be happening to prevent search engines from showing results for banned profiles, although this is just a speculation.

2 Likes
#3

Exiting User:
Usering - Roblox
Banned User:
https://www.roblox.com/users/profile?username=corona2020
Invalid User:
https://www.roblox.com/users/profile?username=Noli

any known non existant or banned user

Uh, non-existent user redirects to your own profile (redirect to error 404 if you’re not logged in).

Non-existent user now redirects to error 404.*

Banned user directs to error 404.

*Edit. Now, non-existent users redirect to error 404 instead of your own profile.

2 Likes
#4

If that was the case, would it not better to use HTTP code 301 or 307? As it should mean it shouldn’t be cached by search engines iirc.

1 Like
#5

Updated post to reflect that minor error. Thanks for the reply

1 Like
#6

It should probably return HTTP code 404 as the user doesn’t exist and couldn’t possibly be found

3 Likes
#7

Thanks for the report! We will fix this soon.

4 Likes
#8

This should be fixed now. Let me know if you have any further problems.

2 Likes
#9

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.