mirror_maker/fedi-block-api
1
0
Fork 0
mirror of https://git.kiwifarms.net/mint/fedi-block-api.git synced 2024-10-22 23:29:06 +00:00
Code Issues Projects Releases Packages Wiki Activity

Handle CSRF tokens on masto endpoint

Browse source
This commit is contained in:
Mint 2022-12-28 20:36:26 +03:00
parent 46e0ac0c0a
commit 34bbe9e323
1 changed files with 13 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
fetch_blocks.py
View file

@ -297,8 +297,20 @@ for blocker, software in c.fetchall():
"followers_only": [], "followers_only": [],
"report_removal": [] "report_removal": []
} }
# handling CSRF, I've saw at least one server requiring it to access the endpoint
meta = BeautifulSoup(
get(f"https://{blocker}/about", headers=headers, timeout=5).text,
"html.parser",
)
try:
csrf = meta.find("meta", attrs={"name": "csrf-token"})["content"]
reqheaders = {**headers, **{"x-csrf-token": csrf}}
except:
reqheaders = headers
blocks = get( blocks = get(
f"https://{blocker}/api/v1/instance/domain_blocks", headers=headers, timeout=5 f"https://{blocker}/api/v1/instance/domain_blocks", headers=reqheaders, timeout=5
).json() ).json()
for block in blocks: for block in blocks:
entry = {'domain': block['domain'], 'hash': block['digest'], 'reason': block['comment']} entry = {'domain': block['domain'], 'hash': block['digest'], 'reason': block['comment']}