Facebook has a tool in settings page, it can bulk modify post privacy settings for old posts, the tool is called "Limit old posts".
However, the tool can only modify posts that are shared with "Public" or "Friends of friends". So my script attempts to solve this problem.
Warning: this is a super hacky proof of concept project that contains a lot of dirty and badly written code, but hey, it works for me.
Facebook Graph API does not offer a way to modify post privacy settings, so my script needs you to steal cookies from a logged in browser, and send resuests emulating the browser to modify post privacy settings.
cd
, space, then drag the unzipped folder onto the terminal window.user_posts
, click "Obtain Access Token", copy the text in the field "Access Token", it usually starts with EAACE....
, this is the TOKEN
parameter, save it somewhere./privacy/selector/update/
into the filter field.?privacy_fbid
, a panel will open to the right, scroll down and find the "Request Headers" section, in the section find the cookie:
field, copy all the text, this is the COOKIE
parameter, save it somewhere.BODY
parameter, save it somewhere.USER_ID
parameter.process.py
using a text editor, fill in the parameters you have saved: TOKEN
, USER_ID
, BODY
, COOKIE
, always put your text within single quotes, for example USER_ID='10000012345678'
SINCE
and UNTIL
parameter, for example: SINCE=calendar.timegm(date(2011,8,1).timetuple())
this would mean to modify all posts since 2011/8/1.process.py
.python process.py
, hit enter, and the script will start to run, if you see something like Setting 64123317123111234 result code=200
, the script is running successfully. (result code 200 mean success, otherwise failure). You can hit Ctrl+C to stop the script any time.This script first uses Graph API to grab all post ID's from a specific timeframe, then emulate browser requests to each of them.
However, I found that the wacky Graph API /user_id/posts endpoint does not actually show all posts, so there needs to be another way to grab all post IDs.
TOKEN
: a valid Facebook OAuth client token that is authorized to read your own timeline, you can go to Facebook Graph API Explorer, click "Get Token", authorize it with user_posts
permission, and copy the token here.
privacy_setting
: target privacy setting you wish to set. You can use 286958161406148
for "Only me". To use other values, open your browser developer console's network tab, then change privacy setting to what you want (Friends, Public, Custom list, etc) for an arbitrary post, monitor the dev console for xhr POST request to /privacy/selector/update/
, inside the request HTTP query strings, post_param
is the id for that privacy setting. Set this privacy_setting
to the privacy setting id you want to use.
BODY
: also from the request intercepted above, copy the request body here. It usually starts with __user=....
.
COOKIE
: steal cookies also from that intercepted request, you can find it in cookie
request header.
One way to grab all post IDs is:
Open your profile page on a browser
Find something small and heavy to keep your End
key (Fn+Down
for Mac) pressed down
Go to lunch
In the browser, save the page
Use the following command to get all post IDs that is on the saved HTML page:
egrep -oh 'top_level_post_id":"(\d+)"' Your_page.html | cut -c 31-45
Save post IDs to a file post_ids
Then, process_from_ids.py
can read post IDs from that file and modify privacy settings for them.
Note: maybe later I can use Casperjs to grab the post IDs, maybe even get cookie by emulating login on Casperjs
AGPLv3