Discuss Scratch
- Discussion Forums
- » Advanced Topics
- » What *exact* url in the API sets cloud data
- Dylan5797
- Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Really? It seems to work on scratchapi without a projectId cookie.It is redundant but necessary. Without the projectId cookie, Scratch will reject your request. projectId - doesn't this make it redundant…?
- jokebookservice1
- Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Can I have some help?
import urllib2 as u data = {"username" : "jokebookservice1", "projectId" : "..", "etc." : "etc."} cookies = {"X-CSRFToken" : "[Sensored - security vulnerability]", "scratchsessionid" : "...", "etc." : "etc."} r = u.Request("https://scratch.mit.edu/varserver") r.add_header("Referer", "http://scratch.mit.edu") #Now, urllib2 doesn't have urlencode as far as I am aware, so how do I convert dict -> string/bytes/? r.urlopen(r)
- Dylan5797
- Scratcher
1000+ posts
What *exact* url in the API sets cloud data
You are confused about the cookie names. Can I have some help?import urllib2 as u data = {"username" : "jokebookservice1", "projectId" : "..", "etc." : "etc."} cookies = {"X-CSRFToken" : "[Sensored - security vulnerability]", "scratchsessionid" : "...", "etc." : "etc."} r = u.Request("https://scratch.mit.edu/varserver") r.add_header("Referer", "http://scratch.mit.edu") #Now, urllib2 doesn't have urlencode as far as I am aware, so how do I convert dict -> string/bytes/? r.urlopen(r)
CSRF Token Cookie : scratchcsrftoken
Sessions ID Cookie : scratchsessionsid
CSRF Token Header : X-CSRFToken
- jokebookservice1
- Scratcher
1000+ posts
What *exact* url in the API sets cloud data
How would I send a POST request including headers, cookies and an address? (Just in general)
- MegaApuTurkUltra
- Scratcher
1000+ posts
What *exact* url in the API sets cloud data
It was a while ago the last time I played with the http api. Maybe the ST removed the requirement?Really? It seems to work on scratchapi without a projectId cookie.It is redundant but necessary. Without the projectId cookie, Scratch will reject your request. projectId - doesn't this make it redundant…?
$(".box-head")[0].textContent = "committing AT crimes since $whenever"
- jokebookservice1
- Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Wait, is X-CSRFToken != scratchcsrftoken
and if not, where do I get the former?
BTW: Thanks for all the help everybody
and if not, where do I get the former?
BTW: Thanks for all the help everybody
- MegaApuTurkUltra
- Scratcher
1000+ posts
What *exact* url in the API sets cloud data
They should be the same thing. Wait, is X-CSRFToken != scratchcsrftoken
and if not, where do I get the former?
BTW: Thanks for all the help everybody
Scratch likes to change the cookie a lot so make sure you're sending the right value (what was most recently set) as X-CSRFToken
$(".box-head")[0].textContent = "committing AT crimes since $whenever"
- jokebookservice1
- Scratcher
1000+ posts
What *exact* url in the API sets cloud data
Ok. I'll do my best, I'll have a go at making a request from the browser by inspecting the elementThey should be the same thing. Wait, is X-CSRFToken != scratchcsrftoken
and if not, where do I get the former?
BTW: Thanks for all the help everybody
Scratch likes to change the cookie a lot so make sure you're sending the right value (what was most recently set) as X-CSRFToken
- Discussion Forums
- » Advanced Topics
- » What *exact* url in the API sets cloud data