Discuss Scratch
- Discussion Forums
- » Advanced Topics
- » What *exact* url in the API sets cloud data
![[RSS Feed]](//cdn.scratch.mit.edu/scratchr2/static/__9c6d3f90ec5f8ace6d3e8ea1e684b778__//djangobb_forum/img/feed-icon-small.png "[RSS Feed]")
![[RSS Feed]](http://cdn.scratch.mit.edu/scratchr2/static/__9c6d3f90ec5f8ace6d3e8ea1e684b778__//djangobb_forum/img/feed-icon-small.png "[RSS Feed]"){kind=icon}
- Dylan5797
-
Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Really? It seems to work on scratchapi without a projectId cookie.projectId - doesn't this make it redundant…?It is redundant but necessary. Without the projectId cookie, Scratch will reject your request.
- jokebookservice1
-
Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Can I have some help?
import urllib2 as u data = {"username" : "jokebookservice1", "projectId" : "..", "etc." : "etc."} cookies = {"X-CSRFToken" : "[Sensored - security vulnerability]", "scratchsessionid" : "...", "etc." : "etc."} r = u.Request("https://scratch.mit.edu/varserver") r.add_header("Referer", "http://scratch.mit.edu") #Now, urllib2 doesn't have urlencode as far as I am aware, so how do I convert dict -> string/bytes/? r.urlopen(r)
- Dylan5797
-
Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Can I have some help?You are confused about the cookie names.import urllib2 as u data = {"username" : "jokebookservice1", "projectId" : "..", "etc." : "etc."} cookies = {"X-CSRFToken" : "[Sensored - security vulnerability]", "scratchsessionid" : "...", "etc." : "etc."} r = u.Request("https://scratch.mit.edu/varserver") r.add_header("Referer", "http://scratch.mit.edu") #Now, urllib2 doesn't have urlencode as far as I am aware, so how do I convert dict -> string/bytes/? r.urlopen(r)
CSRF Token Cookie : scratchcsrftoken
Sessions ID Cookie : scratchsessionsid
CSRF Token Header : X-CSRFToken
- jokebookservice1
-
Scratcher
1000+ posts
What *exact* url in the API sets cloud data
How would I send a POST request including headers, cookies and an address? (Just in general)
- MegaApuTurkUltra
-
Scratcher
1000+ posts
What *exact* url in the API sets cloud data
It was a while ago the last time I played with the http api. Maybe the ST removed the requirement?Really? It seems to work on scratchapi without a projectId cookie.projectId - doesn't this make it redundant…?It is redundant but necessary. Without the projectId cookie, Scratch will reject your request.
$(".box-head")[0].textContent = "committing AT crimes since $whenever"
- jokebookservice1
-
Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Wait, is X-CSRFToken != scratchcsrftoken
and if not, where do I get the former?
BTW: Thanks for all the help everybody
and if not, where do I get the former?
BTW: Thanks for all the help everybody
- MegaApuTurkUltra
-
Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Wait, is X-CSRFToken != scratchcsrftokenThey should be the same thing.
and if not, where do I get the former?
BTW: Thanks for all the help everybody
Scratch likes to change the cookie a lot so make sure you're sending the right value (what was most recently set) as X-CSRFToken
$(".box-head")[0].textContent = "committing AT crimes since $whenever"
- jokebookservice1
-
Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Ok. I'll do my best, I'll have a go at making a request from the browser by inspecting the elementWait, is X-CSRFToken != scratchcsrftokenThey should be the same thing.
and if not, where do I get the former?
BTW: Thanks for all the help everybody
Scratch likes to change the cookie a lot so make sure you're sending the right value (what was most recently set) as X-CSRFToken
- Discussion Forums
- » Advanced Topics
-
» What *exact* url in the API sets cloud data