Google Drive script returns 403 when attempting to get video

[AggressivelyMeows]

Trying to queue a google drive video (with userscript installed) leads to the player failing saying "The media could not be loaded...". In the network tab, every request from cytube to google was a 403. However, when I opened the url, it loaded fine.

Several of our users are having this issue while others do not. Im not sure if this is our end or cytubes.

[AggressivelyMeows]

*Forgot to mention, the video was added using both /edit and /preview. Both links work without logging in.

[calzoneman]

Have you tried going through these troubleshooting steps?

[AggressivelyMeows]

Yea, I've reinstalled tampermonkey and the script several times and its come up with the same problem. Firefox is having the same issue too. (I'm using chrome right now)

[calzoneman]

Ok, but did you try the other troubleshooting steps in that wiki, regarding third-party cookies and adblockers/privacy extensions?

[AggressivelyMeows]

Yes. I've disabled my adblock, i allowed third party's to my cookies. Its all not working http://prntscr.com/g9hvco

[calzoneman]

Unfortunately I don't really have a good answer to this. 403 means Google Drive rejected the request as invalid for some reason, most commonly this is due to the 3rd-party cookie issue, but there could be more validations that I'm not aware of. Another possibility is that if you are using a network where your externally-visible IP address might change (e.g. a mobile network, a school/business network), that could cause the requested link to become invalid, but I kind of doubt that would be happening.

If you can save the failed requests (right click -> save as HAR) I can look if there is anything unusual, but no guarantees I will be able to find anything. I'm not sure if there's any private information in Chrome's HAR exporter, but you can look through the saved file and if you prefer, you can redact any private information and email it to cyzon@cytu.be.

[calzoneman]

I compared your request against a successful one and found that your browser is not sending the cookies Google expects; for reference here's a snippet from a HAR I saved from my computer:

"cookies": [                                                                     
    {                                                                              
      "name": "DRIVE_STREAM",                                                      
      "value": "<blah>",                                                      
      "expires": null,                                                             
      "httpOnly": false,                                                           
      "secure": false                                                              
    },                                                                             
    {                                                                              
      "name": "NID",                                                               
      "value": "<blah>",
      "expires": null,                                                             
      "httpOnly": false,                                                           
      "secure": false                                                              
    }                                                                              
  ]

I just realized that Chrome changed their settings UI a bit so the troubleshooting guide may not be showing the correct place to unblock 3P cookies.

1. Go to Settings
2. Search for "Cookies"
3. Click on "Content settings", then "Cookies"
4. Ensure "Block third-party cookies" is toggled off

If you have confirmed that this is toggled off, check for any other privacy-related extensions you may have that might be duplicating this behavior of stripping out third-party cookies. You can go to Extensions (top right button -> More tools -> Extensions), disable everything (excluding Tampermonkey, which is required for the script to work), and re-enable one by one until you pinpoint the cause of the problem.

[AggressivelyMeows]

I checked my extensions. For some reason http://lab.ejci.net/Chrome-Audio-EQ/ was blocking the requests. It wasn't even one of the extensions i would think to do this either.

[kode54]

Posting another hint in case anyone runs into this one: Privacy Badger is another script that doesn't like Google's scripts being inserted into the page, and automatically blocks them. Cytube needs to be whitelisted in Privacy Badger, as the Google Drive domains keep changing.

[AssTractionHero]

I usually just disable Privacy Badger completely on the CyTube tab. It's prone to block trackers that are necessary for the userscript to work. And CyTube itself doesn't use any invasive trackers, so you're not really losing anything.

On Fri, Aug 10, 2018 at 8:11 PM Christopher Snowhill < notifications@github.com> wrote:

Posting another hint in case anyone runs into this one: Privacy Badger is another script that doesn't like Google's scripts being inserted into the page, and automatically blocks them. Cytube needs to be whitelisted in Privacy Badger, as the Google Drive domains keep changing.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/calzoneman/sync/issues/700#issuecomment-412246951, or mute the thread https://github.com/notifications/unsubscribe-auth/AYvRkcO8UwnW44ZJwakucXwMJ6K-3Up8ks5uPktxgaJpZM4O51Tr .

-- 666Baphomet999 Ordained Priest of Dudeism at the Church of the Latter-Day Dude - dudeism.com http://dudeism.com https://cytu.be/r/The_Gates_of_Hell https://cytu.be/r/The_Gates_of_Hell Steam: w_ron_g Skype: w_ron_g