Pavel Korytov :emacs:☮️ on Nostr: Well, I've done it, it seems. Another wrinkle: one also has to get a cookie from the ...
Well, I've done it, it seems.
Another wrinkle: one also has to get a cookie from the response at step (1) and use it in requests in (2) and (3). Otherwise, the request in (2) returns everything as normal except authenticity_token.
And somehow the URL in step (3) is malformed (or escaped?), so it's necessary to replace "&" with plain "&". Otherwise, once again, step (4) returns everything as normal except that it just doesn't return the cookie.
This is definitely the most complex authorization flow I've successfully figured out so far.
I'll submit a PR to #rssbridge, as always, if this bridge keeps working for at least a week. And hopefully the admins won't decide to check suspicious activity in logs.
#RSS
Another wrinkle: one also has to get a cookie from the response at step (1) and use it in requests in (2) and (3). Otherwise, the request in (2) returns everything as normal except authenticity_token.
And somehow the URL in step (3) is malformed (or escaped?), so it's necessary to replace "&" with plain "&". Otherwise, once again, step (4) returns everything as normal except that it just doesn't return the cookie.
This is definitely the most complex authorization flow I've successfully figured out so far.
I'll submit a PR to #rssbridge, as always, if this bridge keeps working for at least a week. And hopefully the admins won't decide to check suspicious activity in logs.
#RSS