aaronmanning/letterboxd-export
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix duplicate csrf value bug

Browse Source 
letterboxd appears to now send multiple csrf set-cookie headers
one of which is empty. this means that we are now required to
check both of these to make sure we grab the correct one.
This commit is contained in:
Aaron Manning 2024-11-17 15:55:18 +11:00
parent d2978bb1c7
commit 5ac9cdb103
1 changed files with 15 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/main.rs
View File

@ -38,26 +38,28 @@ fn main() -> anyhow::Result<()> {
let args : Args = clap::Parser::parse();
let client = reqwest::blocking::ClientBuilder::new()
// CSRF cookies and login cookies must be passed between requests for authentication to
// succeed
// CSRF cookies and login cookies must be passed between requests for
// authentication to succeed
.cookie_store(true)
.build()?;
let home_response = client.get("https://letterboxd.com")
.header("user-agent", "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0")
.header("accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
.send()?;
let home_cookies = home_response.headers()
.get("set-cookie")
.context("did not recieve csrf cookie when making home page request")?
.to_str()
.context("cookie value could not be read as string")?;
.get_all("set-cookie");
let cookie = cookie::Cookie::parse(home_cookies).context("failed to parse cookie value")?;
let csrf = if cookie.name() == "com.xk72.webparts.csrf" {
cookie.value()
} else {
anyhow::bail!("unexpected cookie from home page request")
};
let mut csrf = None;
for cookie in home_cookies {
if let Ok(cookie) = cookie.to_str() {
let cookie = cookie::Cookie::parse(cookie).context("failed to parse cookie value")?;
if cookie.name() == "com.xk72.webparts.csrf" && cookie.value() != "" {
csrf = Some(cookie.value().to_owned());
}
}
}
let login = Login {
username : &match args.username {
@ -79,7 +81,7 @@ fn main() -> anyhow::Result<()> {
}
},
authentication_code : "",
csrf,
csrf: &csrf.context("csrf cookie was not found when fetching homepage")?,
};
let login = serde_urlencoded::to_string(&login)