From 9fdfd6d3ba84c83daa3d15d666602779ff54e5f3 Mon Sep 17 00:00:00 2001 From: Henrik Heimbuerger Date: Sun, 17 Jan 2021 15:46:33 +0100 Subject: [PATCH] [nebula] Prevent cookies from breaking Nebula auth When the 'sessionid' cookie is submitted to the `/auth/login/` endpoint, the response is always a 403. This typically happens when youtube_dl is run with both `--netrc` and `--cookies` as your default configuration. In that situation, the first authentication succeeds and stores the `sessionid` cookie in the cookie jar. During subsequent authentication attempts, the cookie is sent alongside and causes the authentication to fail. This is very unexpected and we therefore specifically handle this case. --- youtube_dl/extractor/nebula.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/youtube_dl/extractor/nebula.py b/youtube_dl/extractor/nebula.py index c55535f6f..0023a2883 100644 --- a/youtube_dl/extractor/nebula.py +++ b/youtube_dl/extractor/nebula.py @@ -85,7 +85,12 @@ class NebulaIE(InfoExtractor): request = sanitized_Request(method='POST', url='https://api.watchnebula.com/api/v1/auth/login/', data=data, - headers={'content-type': 'application/json'}) + headers={ + 'content-type': 'application/json', + # Overwrite the cookie headers, because + # submitting the 'sessionid' cookie + # always causes a 403 on auth endpoint + 'cookie': ''}) response = self._download_json(request, fatal=False, video_id=video_id, note='Authenticating to Nebula with supplied credentials', errnote='Authentication failed or rejected') @@ -105,6 +110,9 @@ class NebulaIE(InfoExtractor): the error message, because probably highly unpopular) If none of these are successful, an end user-intended error message is raised, listing some solutions. + + Returns a Nebula API token, which subsequently can be used to make + authenticated calls to the Nebula API. """ nebula_token = None