New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix incorrect handling of cookiejars with '0' or empty 'expires' #12929
Conversation
Technically session cookies should not even be stored in a cookie file since by definition it's bound to browser's session time. Needless to say it's very questionable whether they should be sent when loaded from cookie file. |
I'd argue that's the correct behavior though. A very common use case is to pass in a cookiejar to manually handle a complicated login. In that case, you're suspending and restarting the same browser session in youtube-dl by dumping the session's cookies in the cookiejar and loading them in youtube-dl -- a process that should be seamless. Besides, the session cookies are still discarded when they're saved back to the cookiejar at the end of execution (one "browser session"). |
@dstftw would it be possible to take a look at this again? I really feel as though there's a strong argument for this behavior being the 'correct' behavior. |
Which problem concretely this is supposed to fix? Namely what concretely does not work currently and does work after this change. |
Currently, when youtube-dl reads the cookies file passed in with --cookies, it ignores any cookies (and fails to send them) that have a '0' or '' (blank string) in the 'expires' column. This is supposed to indicate that the specified cookie is a session cookie [and thus should expire when, e.g. the browser window is closed]. YouTube/Google also uses these cookies to store critical session information. Thus, when the cookies are exported from the browser (for example, with this popular Chrome extension: https://chrome.google.com/webstore/detail/cookiestxt/njabckikapfpffapmjgojcnbfjonfjfg ), youtube-dl fails to send them, as a result cannot properly authenticate to YouTube, and so the download of private/restricted videos fails. This problem is related to a bug in the Python libraries (see the original post I made for the link), and my changes make youtube-dl send these cookies in requests, but not save them to the resulting cookiejar when the script is done executing. |
You didn't read my question. What concretely does not work due to dropping browser session cookies? |
Sorry, I thought I answered it. [[ See also a reference to this convention (0 or blank for session cookie expiration times) in the documentation for wget (under --keep-session-cookies) https://www.gnu.org/software/wget/manual/html_node/HTTP-Options.html ]] |
Private videos work just fine for me with current cookie code. |
What method are you using to export your browser's cookies? Also, what is the expiration time listed for the cookie ".youtube.com : SID"? I'm still unable to do this, even with the latest version (2017.05.26). |
I use plugins from https://github.com/rg3/youtube-dl#how-do-i-pass-cookies-to-youtube-dl. Expiry time for |
Okay, I think I see the reason for why this isn't working for me, but it is for you. Regardless, updated problem: Downloading private videos using a dump of browser cookies from a Google Apps login (passed in with --cookies) does not work. |
Any chance of this getting merged? It is a bit of a niche situation, I realize, but I do believe it is the correct behavior. |
@dstftw Is it possible to get another look at this? |
Surprised to bump into another Berkeley student on an obscure Github issue!... Anyway will this be merged anytime soon? |
@jimbo1qaz as a temporary workaround, you can change all of the '0's for the expiration time in your cookies.txt to some large number so they're not removed |
I already implemented that workaround. I was trying to use mpv to crop webcasts, but I couldn't find any way to crop 50% of the screen. I ended up using CSS to hide half the video. |
…hind session cookies (closes #12929)
…hind session cookies (closes #12929)
Please follow the guide below
x
into all the boxes [ ] relevant to your pull request (like that [x])Before submitting a pull request make sure you have:
In order to be accepted and merged into youtube-dl each piece of code must be in public domain or released under Unlicense. Check one of the following options:
What is the purpose of your pull request?
Description of your pull request and other information
This fixes cookies not being sent by youtube-dl if the entry in the cookiejar has an 'expires' column set to either 0 or '' (empty). Both of these indicate that the cookie is a session cookie (expires only when the browser is closed). At least YouTube uses this type of cookie to store/send important session information. Previously, you would have to manually set the 'expires' column to some date in the distant future for all of these cookies in your cookiejar if you wanted youtube-dl to use them.
This is related to a Python bug https://bugs.python.org/issue17164 in MozillaCookieJar.
Despite the
ignore_expires=True
line, truly expired cookies (0 < expires_at <= current_time
) will not actually be sent -- urllib2/cookielib do not send cookies that are expired anyway. This just prevents the cookiejar library from prematurely discarding 'expires_at=0' cookies.Example of a cookie that would normally be sent:
.youtube.com TRUE / FALSE 1498715626 PREF f1=50000000&hl=en
Example of cookies that would not have been sent before (but should have been):
.youtube.com TRUE / FALSE 0 PREF f1=50000000&hl=en
.youtube.com TRUE / FALSE PREF f1=50000000&hl=en