I think this error is returned when you don’t create an authenticated session, basically roblox wants you to send the request as a signed in user, but you’re sending it as a guest who hasn’t signed in.
3 Likes
did u enable all the stuff in security game settings? if u try connecting ur game to external servers u need http service enabled
2 Likes
usually with http requests i had that issue but i dont remember the error name so i could be wrong
1 Like
I am not sending this in game, i am requesting the HTTP from my phone.
My account is already logged in.
Roblox announced Account Session Protection, which makes cookies useless unless you enable some settings on your account.
Also, did you even include the .ROBLOSECURITY cookie in your HTTP requests?
Logged in on device/website =/= Logged in on HTTP
1 Like
Yes i did put an x-csrf-token header in my request.
Your X-CSRF-Token changes after a while, it would be nice if you could provide your code for us to look at.
I didnt code it, it is like a scratch thing i was using.
1 Like
I’m confused, are you using some sort of code block editor for Studio? This thread is lacking important context we need to help you
No, i use macrodroid in android which lets me code in blocks
And i am making an HTTP post request to https://users.roblox.com/v1/description with headers :
X-CSRF-Token : roblosecurity
1 Like
X-CSRF =/= .ROBLOSECURITY.
Headers =/= Cookies.
The cause of the error is that you did not include the .ROBLOSECURITY in the cookies.
In cookies you need:
.ROBLOSECURITY: _|WARNING...
And in the headers:
X-CSRF-Token: <random>...
You can get the .ROSEC from inspect element → storage → .ROBLOSECURITY (FireFox)
You can get the X-CSRF-Token from https://auth.roblox.com/v2/logout (.ROSEC required)
1 Like
How can i add the Cookies you meant? Im confused.
You are using a mobile app, right?
1 Like
Yes.
Character fillerrrrrrrrrrrrrrrr.
Go to where you enter your cookies and fill out:
.ROBLOSECURITY : Your cookie
Then, go to headers and fill out:
X-CSRF-Token: Your token
1 Like
Isn’t there any way to apply cookies?
I think no,
Mine is only showing Settings/Query Params/Content Body/Header Params.