qbt_login fails if qbittorrent has CSRF disabled

soxfor / qbittorrent-natmap

The objective of this container is to run a script that requests a port forward (via NAT-PMP) from the VPN provider and upon success changes the listening port of the qBittorrent client when running in Docker

149 stars 18 forks source link

qbt_login fails if qbittorrent has CSRF disabled #6

Closed soxfor closed 1 year ago

soxfor commented 1 year ago

Reported by user on Reddit.

When CSRF is on, the curl command output contains a line like

set-cookie: SID=XXXXXXXXXXXXXXXXXXXXXX; HttpOnly; path=/; SameSite=Strict

Without CSRF, it loses the "SameSite=Strict"

set-cookie: SID=XXXXXXXXXXXXXXXXXXXXXX; HttpOnly; path=/;

If I grep both of those lines with whats in the qbt_login() function

grep -oP '(?!set-cookie:.)SID=.*(?=\;.HttpOnly\;.path=/\;)'