#Python HTTP Request Semi-Complete Headers

I'm working on taking my bot from my pc (development) and putting it onto your hosting service for implementation, but I'm having issues with http requests
for some reason, some parts of http headers aren't being received, e.g. "x-csrf-token"
Any idea what's up with this/how to fix it?
I remember having this issue in the past on a different server and having to make a ticket for support/to fix the issue, but don't remember exactly what had to be changed to fix it

@ivory fractal, you just advanced to level 2 !

explain the context. Are you sending the requests or receiving them

sending

after testing for a while, my security cookie expires after the first request

everything works perfectly fine on my pc, but pebblehost returns a 401 (403 expected) and invalidates the cookie

explain the context. Are you sending a simple request

or?

it's a post request to a url with a security cookie
that first request returns a 403 error which has a token in the header
I re-send the original request but with the error's header token in the header

what are you doing to be exact?

are you requesting an api or?

a post request to an api, yes

do you have the api docs

no links

bruh

https ://groups .roblox. com/docs/index.html?urls.primaryName=Groups%20Api%20v1

what is it called

oh roblox

hmm

how does it want you to authenticate

it's the 6th entry under Membership (v1/groups/{groupId}/join-requestss/users/{userId})

I mean how does it tell you to authenticate

you send 1 request with a security cookie in the cookies section (roblosecurity)
it errors out with a 403 error, but that error has a token in the header called an "x-csrf-token"
you re-send the original request but with the aforementioned "x-csrf-token" in the header

roblosecurity has to be in as a cookie for both requests

again, no issues with my code since the code is literally the exact same on my pc and the server

that's kind of strange. Are you accessing an api that is meant to be accessed by bots

because that's not normal

don't know if it's made for it, but automation works with it

but I've been working with the api and been making bots with it for at least a year, maybe longer

so your expecting a header to be returned

yes

instead what are you getting

wow

https://pastebin.com/Sh9BfkfU

ran a few prints

I saw

ur getting a different response

yes

are you sure you are giving out the same code

again, no difference between code

I literally used a site to compare text

they're identical apart from directories

check the api docs to see what this reponse means, or ask their support if they know what you are doing wrong

roblox doesn't exactly have support

welp... check their docs

they should have an authenticated section

Code    Description
200    
OK

400    
1: The group is invalid or does not exist.
3: The user is invalid or does not exist.
20: The group join request is invalid.

401    
0: Authorization has been denied for this request.

403    
0: Token Validation Failed
6: You are already in the maximum number of groups.
19: You have insufficient permissions for this request.

503    
18: The operation is temporarily unavailable. Please try again later.

but that makes no difference

since it's the exact same code

it's an issue on pebblehost's end

your getting a 401, which it says denied for this request

I swear I remember having an issue like this before and I had to change some server settings or something

it means that the server is acceping ur request

perhaps there is a rate limit on your ip or the api is blocking your ip

well my ip is fine

so could pebble be getting ratelimited?

it could be

but rate limits are usually 429

yeah, what I'm thinking

well you need to contact their support or see if there is a more specific description for this error code

This is because you didn't provide a X-CSRF-Token header. It should give back a token in the response headers, so you can just pull it from there and retry the request with the token.

@ivory fractal, you just advanced to level 3 !

simple google search says that

well your not getting one

yes

so you should ask why you aren't getting one

also send your code

you might be doing smth wrong

well no since everything works fine when I do it on my pc

https://pastebin.com/yapE1K9t

that's the code from my pc

error is on line 300

did you print el.headers

yeah, I just removed it

el, el.text & el.headers can be found here

wat abt the second reponse

will do now

https://pastebin.com/dCFMkNvC

from my pc

1-3 are el, el.text & el.headers for the first request

the last three are the same for the second request

https://pastebin.com/G05xLPuD

that's from the server

now I get this from my pc;
https://pastebin.com/pPDQdHz9

so it looks like pebblehost is somehow invalidating the security cookie

after once again comparing text, the only two differences are found in lines 11/12

obviously the issue hasn't been resolved, but I wanna thank you for being more helpful than the actual staff

since you're making an attempt

they should hire you lol

well. I can't tell you much bcuz I don't use this api

but gl