Closed sentanos closed 9 years ago
Based on my testings, they do respond when the cookie is invalid.
I thought so too, but I ran into some problems yesterday with logging in and from what I can see right now it returns 200 even if you don't have a cookie header.
I did not find this problem with this specific file but I suspect it may be in it.
I believe the reason for 302 redirect error is because the cookie I'm inputting is invalid, thus ROBLOX errors and redirects you to their error page. This can also be produced by inputting non-integer groupId, roleSetId, etc.
This is what I did for testing.
That website is nice. Anyway I did some testing again and it seems you're right. For now I'll just update ROBLOSECURITY when success is false. I'll try to find a better solution later if possible.
Did some testing and change-rank API won't actually respond 302 (or anything different, for that matter) when you are not logged in.
I think the only way to work this would be to login periodically (every 24-48 hours).