Getting XCSRF TOKEN with python

ClientRecon · October 29, 2020, 11:35am

Yes I did some researched and none of them work.

How do I get my XCSRF Token using the Python Requests Library? I need it to avoid getting Status Code 403 since I am trying to make a Group Shout BOT.

Affenity · October 29, 2020, 11:51am

When getting a 403 error due to an invalid xcsrf token (or none provided), you should be able to find a new one in the response headers if you look closely enough.

ClientRecon · October 29, 2020, 11:35pm

Yeah I did

print(r.header)

And it showed me a list so I looked for the xcsrf but I couldnt find it.

B_arocena · October 29, 2020, 11:43pm

you need to send your cookie in header with v2/logout api to get your xcsrf token from response header

ClientRecon · October 29, 2020, 11:59pm

logout_data = {
    'Accept':'application/json',
    'Cookie': 'my.ROBLOSECURITY'
}

h = requests.post("https://auth.roblox.com/v2/logout",headers=logout_data)
print(h.headers)

I still cant find xcsrf

B_arocena · October 30, 2020, 12:05am

you need to send your cookie like this

add .ROBLOSECURITY= before your actual cookie

ClientRecon · October 30, 2020, 12:08am

Still no XCSRF, can you send your own output? Blur the XCSRF token though.

IronRobotStudios · October 30, 2020, 12:11am

Try formatting your request like this

h = requests.post("https://auth.roblox.com/v2/logout", headers=logout_data, cookies={
    '.ROBLOSECURITY': '[REDACTED]'
})
print(h.headers)

B_arocena · October 30, 2020, 12:16am

green one is the token

ClientRecon · October 30, 2020, 12:48am

Yup, mine only shows -1 while the rest doesnt… NVM it works