Closed Warhead007 closed 1 year ago
I found two parameters added to the interface, "msToken" and "X-Bogus",But the links generated in the code don't have those two parameters, which are probably new additions to tiktok. So the code is invalid, I wonder if the author has updated this problem
not required:
required:
the sec request headers should look like this:
'sec-fetch-dest': 'empty',
'sec-fetch-mode': 'cors',
'sec-fetch-site': 'same-site'
these are enforced inside of browsers. the request headers above will be applied by the browser if you run fetch while navigated to https://www.tiktok.com
tools like curl/python can manually set these headers, but will have different browser fingerprints, thus will not work.
playwright or puppeteer, for example, will work if you first navigate to tiktok.com and then evaluate a fetch request to this endpoint.
i've not found proof that you can successfully run this request outside of a browser due to fingerprinting, please prove me wrong
Changes for https://us.tiktok.com/api/post/item_list
not required:
- msToken
- X-Bogus
- _signature
required:
- query parameters (?aid=1988&app_language=en&app_name=tiktok_web&browser_language=en-US&browser_name=Mozilla&browser_online=true&browser_platform=Win32&browser_version=5.0%20%28Windows%29&channel=tiktok_web&cookie_enabled=true&device_id=some long number&device_platform=web_pc&focus_state=true&from_page=user&history_len=7&is_fullscreen=false&is_page_visible=true&os=windows&priority_region=&referer=®ion=US&screen_height=1080&screen_width=1920)
- x-tt-params header (history_len changed to 7, doesn't seem important though)
- sec fetch request headers
- valid browser fingerprint (firefox & chrome seem to work)
the sec request headers should look like this:
'sec-fetch-dest': 'empty', 'sec-fetch-mode': 'cors', 'sec-fetch-site': 'same-site'
these are enforced inside of browsers. the request headers above will be applied by the browser if you run fetch while navigated to https://www.tiktok.com
tools like curl/python can manually set these headers, but will have different browser fingerprints, thus will not work.
playwright or puppeteer, for example, will work if you first navigate to tiktok.com and then evaluate a fetch request to this endpoint.
i've not found proof that you can successfully run this request outside of a browser due to fingerprinting, please prove me wrong
when executing inside browser X-bogus, msToken, _signature parameters will be generated before sending GET or POST request
For anyone still needing to get around this issue, I'm working on my own library that does work with getting videos under a tag. You don't need to preload any cookies because it doesn't handle API calls in the same way. I have yet to need to provide a proxy for bulk scraping. The methodology to get a large number of videos from a tag or user or comments under a video is handled a bit different, but this is explained in the documentation. I've provided a simple example for how to iterate over user videos with both the synchronous and asynchronous versions of the library. I am actively working on the development of the library and am open to issues and contributions.
Should be fixed in V6 I think?
Hi I got error when use user.viedo() API error is
sample code is