DeviantArt API now requires CSRF token

[y-young]

Describe the bug DeviantArt API (https://www.deviantart.com/_napi/da-user-profile/shared_api/deviation/extended_fetch?type=art&deviationid=) now requires a valid CSRF token to be passed via csrf_token parameter.

To Reproduce Steps to reproduce the behavior:

1. Send GET request to https://www.deviantart.com/_napi/da-user-profile/shared_api/deviation/extended_fetch?type=art&deviationid=93506493
2. Returns error:

   {
   "error": "invalid_request",
   "errorDescription": "Invalid or expired form submission",
   "errorDetails": {
     "csrf": "missing"
   },
   "status": "error"
   }

Expected behavior Should be able to get deviation details.

Additional context

• An invalid CSRF token will return:

  {
  "error": "invalid_request",
  "errorDescription": "Invalid or expired form submission",
  "errorDetails": {
    "csrf": "invalid"
  },
  "status": "error"
  }

• A valid token can be obtained by visiting the home page and retrieving from window.__CSRF_TOKEN__ (https://github.com/mikf/gallery-dl/issues/2983)
• CSRF token must be used along with the cookies returned (userinfo), otherwise will be considered invalid
• A valid token can be reused during multiple requests, expiration time is yet unknown