Open dnicolson opened 2 months ago
The cookies from your browser get rotated after a few minutes, thus becoming invalid. Nothing can be done about that unfortunately.
It doesn't seem to be a cookie expiration issue, as the immediate use of cookies also fails. Instead, it appears that browser mechanisms are preventing external clients.
Cookies work in the yt-playlists-delete-enhancer Userscript and I assume the Subscribe to YouTube Playlists browser extension.
It is still interesting that valid browser cookies will give a more populated getHistory()
response, seemingly validating the cookie but not entirely.
Cookies can work, but these two keys need to be manually copied because they are HttpOnly
:
__Secure-1PSID
__Secure-1PSIDTS
If these keys are appended to the document.cookie
value, requests from Node.js are possible.
Requests from a Userscript or extension on youtube.com work with just document.cookie
though.
I wonder if this is documented anywhere, or if it should be?
Steps to reproduce
Failure Logs
Expected behavior
The cookie should function similarly to OAuth authentication.
Current behavior
As documented in #703, there is a difference between no cookies, invalid cookies, and authentic cookies. This doesn't appear to be the case for all endpoints though.
When running in the browser with a Userscript there is no issue. It's not clear what is different as the headers and payload look comparable.
Version
Default
Anything else?
No response
Checklist