I want to create a basic Python program that should be able to do website actions such as posting a comment or anything basic. When I make a request with the X-CSRF-TOKEN and .ROBLOSECURITY it will pass me an error and a csrf token that should work, while that doesn’t sound anything bad the one I passed to the request and the one I got back is exactly the same?
Code:
authurl = "https://auth.roblox.com/v2/logout"
def getXsrf():
xsrfRequest = requests.post(authurl, cookies={
'.ROBLOSECURITY': roblosecurity
})
if xsrfRequest.status_code == 401:
print("Invalid ROBLOSECURITY)
exit()
else:
print("Validation success.")
return xsrfRequest.headers["x-csrf-token"]
def postRequest(url, params = {}):
a1 = getXsrf()
request = requests.post(url, cookies={
'.ROBLOSECURITY': roblosecurity,
'X-CSRF-TOKEN': a1
})
print(request.content)
print(a1,request.headers["x-csrf-token"])
Output:
Validation success.
{"errors":[{"code":0,"message":"Token Validation Failed"}]}
6tZUktVBzEhS 6tZUktVBzEhS
I have tried so far to use lowercase x-csrf in the request but nothing is working.