nprofile1q…vss2n Finally found the culprit, the following code should work :) ``` ...

Leonard/Janis Robert König /

npub1uf6…774h

2024-12-29 17:34:56

in reply to nevent1q…0z4s

nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpq6mtxp68k8c3p2sj0wzhagt3kd8ywkvzlkfyt3vrx9cahzfz000vsmvss2n (nprofile…ss2n) Finally found the culprit, the following code should work :)

```
#! /bin/sh

# Dependencies:
# * cURL
# * htmlq: https://github.com/mgdm/htmlq

ENDPOINT='https://flask.io';

if [ "$#" -ne 2 ]; then
printf 'newtask <flask ID> <new item name>\n' >&2
exit 1
fi

flasklist="$1"
item="$2"

cookies="/tmp/flasker_cookiejar_$flasklist.txt"
csrf_token=$(curl --silent -c "$cookies" -b "$cookies" "$ENDPOINT/$flasklist" | htmlq --attribute 'content' 'meta[name=csrf-token]')

# 1. We do want to URL-Encode the checkmark emoji
# 2. We also want to encode "$item" but the [], too, so we pre-encode it
# 3. We do want to encode "Save Task" but cURL encodes space as "+" and not %20
# so we pre-encode it and prevent re-encoding through cURL.
curl --silent \
-c "$cookies" \
-b "$cookies" \
-H "X-Csrf-Token: $csrf_token" \
--data-urlencode "utf8=✓" \
--data-urlencode "task%5Bdescription%5D=$item" \
--data-urlencode "=commit=Save%20Task" \
"$ENDPOINT/$flasklist/tasks"
```

Short explanation: You also need to send the X-Csrf-Token which we need to parse from the HTML. Also some of the data needs to be differently encoded :)

Author Public Key

npub1uf6cu9nwq4tvcrgeahfxf2mx9ppq4nxdldf22a0kmhtuk7dq2mjqmm774h

Show more details

Published at

2024-12-29 17:34:56

Kind type

1 Short Text Note

Event JSON

{ "id": "429bbae6d21f95a7f6c1abbe878d0a68dd5509ac0e0fa62528a72fbc0377655b", "pubkey": "e2758e166e0556cc0d19edd264ab6628420acccdfb52a575f6ddd7cb79a056e4", "created_at": 1735493696, "kind": 1, "tags": [ [ "p", "d6d660e8f63e2215424f70afd42e3669c8eb305fb248b8b0662e3b71244f7bd9", "wss://relay.mostr.pub" ], [ "p", "0abc897a05eca0849f658dc45fb983e46041d357150b09df857131e7a7552848", "wss://relay.mostr.pub" ], [ "e", "436f568c4246773631ba0bb19dfc8dda08947f6466cfe0afcdc9a3d66762e677", "wss://relay.mostr.pub", "reply" ], [ "proxy", "https://todon.eu/users/ljrk/statuses/113737314910032781", "activitypub" ] ], "content": "nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpq6mtxp68k8c3p2sj0wzhagt3kd8ywkvzlkfyt3vrx9cahzfz000vsmvss2n Finally found the culprit, the following code should work :)\n\n```\n#! /bin/sh\n\n# Dependencies:\n# * cURL\n# * htmlq: https://github.com/mgdm/htmlq\n\nENDPOINT='https://flask.io'\n\nif [ \"$#\" -ne 2 ]; then\n\tprintf 'newtask \u003cflask ID\u003e \u003cnew item name\u003e\\n' \u003e\u00262\n\texit 1\nfi\n\nflasklist=\"$1\"\nitem=\"$2\"\n\ncookies=\"/tmp/flasker_cookiejar_$flasklist.txt\"\ncsrf_token=$(curl --silent -c \"$cookies\" -b \"$cookies\" \"$ENDPOINT/$flasklist\" | htmlq --attribute 'content' 'meta[name=csrf-token]')\n\n# 1. We do want to URL-Encode the checkmark emoji\n# 2. We also want to encode \"$item\" but the [], too, so we pre-encode it\n# 3. We do want to encode \"Save Task\" but cURL encodes space as \"+\" and not %20\n# so we pre-encode it and prevent re-encoding through cURL.\ncurl --silent \\\n\t-c \"$cookies\" \\\n\t-b \"$cookies\" \\\n\t-H \"X-Csrf-Token: $csrf_token\" \\\n\t--data-urlencode \"utf8=✓\" \\\n\t--data-urlencode \"task%5Bdescription%5D=$item\" \\\n\t--data-urlencode \"=commit=Save%20Task\" \\\n\t\"$ENDPOINT/$flasklist/tasks\"\n```\n\nShort explanation: You also need to send the X-Csrf-Token which we need to parse from the HTML. Also some of the data needs to be differently encoded :)", "sig": "db8664c0ff108f12a0cfc1e00e2358954b5df16f4c774ecf763af193b11b15beaf9c23d778364356de3fc351f49fda2eb57570a608157179d1c38a8d64d49aae" }