R
Railway17mo ago
GramosTV

Roblox API CSRF token not working only on railway

const url = 'https://www.roblox.com/mobileapi/userinfo';
      const tokenUrl = 'https://auth.roblox.com/v2/logout';
      const robloxCookie = '.ROBLOSECURITY=' + cookie;
      const proxyAgent = new SocksProxyAgent(
        `socks5://${proxyy.username}:${proxyy.password}@${proxyy.address}:${proxyy.port}`,
      );
      const axiosInstance = axios.create({
        proxy: false,
        httpsAgent: proxyAgent,
        httpAgent: proxyAgent,
      });
    

      const test = await axiosInstance.get(`https://ipapi.co/json/`)
      this.logger.log(JSON.stringify(test.data));
      const getToken = await axiosInstance
        .post(tokenUrl, {
          cookie: robloxCookie,
          'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0',
          'TE': 'trailers',
          'Sec-Fetch-Site': 'same-origin',
          'Sec-Fetch-Mode': 'cors',
          'Sec-Fetch-Dest': 'empty',
          'Pragma':'no-cache',
          'Origin': 'moz-extension://81de3988-e4d3-4ebf-aa83-cb6d09a70b53',
          'Host': 'auth.roblox.com',
          'Content-Type': 'text/plain;charset=UTF-8',
          'Connection': 'keep-alive',
          'Cache-Control': 'no-cache',
          'Accept-Language': 'en-US,en;q=0.5',
          'Accept-Encoding': 'gzip, deflate, br',
          'Accept': '*/*'
        })
        .catch((err) => {
          return err;
        });
        this.logger.log('CSRF')
        this.logger.log(getToken.response.headers['x-csrf-token']);
      const response = await axiosInstance.get(url, {
        headers: {
          Cookie: robloxCookie,
          'x-csrf-token': getToken.response.headers['x-csrf-token'],
        },
      });
const url = 'https://www.roblox.com/mobileapi/userinfo';
      const tokenUrl = 'https://auth.roblox.com/v2/logout';
      const robloxCookie = '.ROBLOSECURITY=' + cookie;
      const proxyAgent = new SocksProxyAgent(
        `socks5://${proxyy.username}:${proxyy.password}@${proxyy.address}:${proxyy.port}`,
      );
      const axiosInstance = axios.create({
        proxy: false,
        httpsAgent: proxyAgent,
        httpAgent: proxyAgent,
      });
    

      const test = await axiosInstance.get(`https://ipapi.co/json/`)
      this.logger.log(JSON.stringify(test.data));
      const getToken = await axiosInstance
        .post(tokenUrl, {
          cookie: robloxCookie,
          'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0',
          'TE': 'trailers',
          'Sec-Fetch-Site': 'same-origin',
          'Sec-Fetch-Mode': 'cors',
          'Sec-Fetch-Dest': 'empty',
          'Pragma':'no-cache',
          'Origin': 'moz-extension://81de3988-e4d3-4ebf-aa83-cb6d09a70b53',
          'Host': 'auth.roblox.com',
          'Content-Type': 'text/plain;charset=UTF-8',
          'Connection': 'keep-alive',
          'Cache-Control': 'no-cache',
          'Accept-Language': 'en-US,en;q=0.5',
          'Accept-Encoding': 'gzip, deflate, br',
          'Accept': '*/*'
        })
        .catch((err) => {
          return err;
        });
        this.logger.log('CSRF')
        this.logger.log(getToken.response.headers['x-csrf-token']);
      const response = await axiosInstance.get(url, {
        headers: {
          Cookie: robloxCookie,
          'x-csrf-token': getToken.response.headers['x-csrf-token'],
        },
      });
8 Replies
Percy
Percy17mo ago
Project ID: 81de3988-e4d3-4ebf-aa83-cb6d09a70b53
GramosTV
GramosTV17mo ago
Please message here or DM for more context/explanation It's probably the weirdest issue I've ever encountered and I've spent an entire day trying to figure it out
Brody
Brody17mo ago
youve shown a screenshot from an api test, but does the code work locally
GramosTV
GramosTV17mo ago
Yes the code works locally I used the proxy on my PC and it worked Basically I do exactly the same thing On PC I get the desired 403 response On railway I get 401 for I have no clue what reason
Brody
Brody17mo ago
your code has a severe lack of logging, you will never be able to find out whats going on with such little error reporting
GramosTV
GramosTV17mo ago
I know what's going on On PC I get 403 on railway I get 401 What else is there to log?
Brody
Brody17mo ago
everything you possibly can
GramosTV
GramosTV17mo ago
The last photo 401 and 403 look the same Except for 401 doesn't provide the csrf token I want I'll console it all out for you tomorrow because it's very late for me
Want results from more Discord servers?
Add your server