[twitter] implement 'csrf' option (#2676)

2 years ago · 9c8d895d19
parent 08db8435f1
commit 9c8d895d19
2 changed files with 18 additions and 2 deletions
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
@ -2271,6 +2271,19 @@ Description
    <https://help.twitter.com/en/using-twitter/twitter-conversations>`__.


+extractor.twitter.csrf
+----------------------
+Type
+    ``string``
+Default
+    ``"cookies"``
+Description
+    Controls how to handle Cross Site Request Forgery (CSRF) tokens.
+
+    * ``"auto"``: Always auto-generate a token.
+    * ``"cookies"``: Use token given by the ``ct0`` cookie if present.
+
+
 extractor.twitter.size
 ----------------------
 Type
--- a/gallery_dl/extractor/twitter.py
+++ b/gallery_dl/extractor/twitter.py
@ -873,8 +873,11 @@ class TwitterAPI():
        cookies = extractor.session.cookies
        cookiedomain = extractor.cookiedomain

-        # CSRF
-        csrf_token = cookies.get("ct0", domain=cookiedomain)
+        csrf = extractor.config("csrf")
+        if csrf is None or csrf == "cookies":
+            csrf_token = cookies.get("ct0", domain=cookiedomain)
+        else:
+            csrf_token = None
        if not csrf_token:
            csrf_token = util.generate_token()
            cookies.set("ct0", csrf_token, domain=cookiedomain)