diff options
| author | polwex <polwex@sortug.com> | 2025-11-23 01:12:53 +0700 |
|---|---|---|
| committer | polwex <polwex@sortug.com> | 2025-11-23 01:12:53 +0700 |
| commit | cb1b56f5a0eddbf77446f415f2beda57c8305f85 (patch) | |
| tree | d333ca5c143063af8ee1b2f9e2d1d25f8ef2007c /packages/tweetdeck/tests | |
wut
Diffstat (limited to 'packages/tweetdeck/tests')
| -rw-r--r-- | packages/tweetdeck/tests/js.js | 185 | ||||
| -rw-r--r-- | packages/tweetdeck/tests/python.ts | 150 |
2 files changed, 335 insertions, 0 deletions
diff --git a/packages/tweetdeck/tests/js.js b/packages/tweetdeck/tests/js.js new file mode 100644 index 0000000..947d9a7 --- /dev/null +++ b/packages/tweetdeck/tests/js.js @@ -0,0 +1,185 @@ +let solverIframe; +let solveId = 0; +let solveCallbacks = {}; +let solveQueue = [] +let solverReady = false; +let solverErrored = false; +let sentData = false; + +let sandboxUrl = fetch(chrome.runtime.getURL(`sandbox.html`)) + .then(resp => resp.blob()) + .then(blob => URL.createObjectURL(blob)) + .catch(console.error); + +function createSolverFrame() { + if (solverIframe) solverIframe.remove(); + solverIframe = document.createElement('iframe'); + solverIframe.style.display = 'none'; + sandboxUrl.then(url => solverIframe.src = url); + let injectedBody = document.getElementById('injected-body'); + if(injectedBody) { + injectedBody.appendChild(solverIframe); + } else { + let int = setInterval(() => { + let injectedBody = document.getElementById('injected-body'); + if(injectedBody) { + injectedBody.appendChild(solverIframe); + clearInterval(int); + } + }, 10); + } +} +createSolverFrame(); + +function solveChallenge(path, method) { + return new Promise((resolve, reject) => { + if(solverErrored) { + reject('Solver errored during initialization'); + return; + } + let id = solveId++; + solveCallbacks[id] = { resolve, reject, time: Date.now() }; + if(!solverReady || !solverIframe || !solverIframe.contentWindow) { + solveQueue.push({ id, path, method }) + } else { + try { + solverIframe.contentWindow.postMessage({ action: 'solve', id, path, method }, '*'); + } catch(e) { + console.error(`Error sending challenge to solver:`, e); + reject(e); + } + // setTimeout(() => { + // if(solveCallbacks[id]) { + // solveCallbacks[id].reject('Solver timed out'); + // delete solveCallbacks[id]; + // } + // }, 1750); + } + }); +} + +setInterval(() => { + if(!document.getElementById('loading-box').hidden && sentData && solveQueue.length) { + console.log("Something's wrong with the challenge solver, reloading", solveQueue); + createSolverFrame(); + initChallenge(); + } +}, 2000); + +window.addEventListener('message', e => { + if(e.source !== solverIframe.contentWindow) return; + let data = e.data; + if(data.action === 'solved' && typeof data.id === 'number') { + let { id, result } = data; + if(solveCallbacks[id]) { + solveCallbacks[id].resolve(result); + delete solveCallbacks[id]; + } + } else if(data.action === 'error' && typeof data.id === 'number') { + let { id, error } = data; + if(solveCallbacks[id]) { + solveCallbacks[id].reject(error); + delete solveCallbacks[id]; + } + } else if(data.action === 'initError') { + solverErrored = true; + for(let id in solveCallbacks) { + solveCallbacks[id].reject('Solver errored during initialization'); + delete solveCallbacks[id]; + } + alert(`There was an error in initializing security header generator:\n${data.error}\nUser Agent: ${navigator.userAgent}\nOldTwitter doesn't allow unsigned requests anymore for your account security.`); + console.error('Error initializing solver:'); + console.error(data.error); + } else if(data.action === 'ready') { + solverReady = true; + for (let task of solveQueue) { + solverIframe.contentWindow.postMessage({ action: 'solve', id: task.id, path: task.path, method: task.method }, '*') + } + } +}); + +window._fetch = window.fetch; +fetch = async function(url, options) { + if(!url.startsWith('/i/api') && !url.startsWith('https://api.twitter.com') && !url.startsWith('https://api.x.com')) return _fetch(url, options); + if(!options) options = {}; + if(!options.headers) options.headers = {}; + if(!options.headers['x-twitter-auth-type']) { + options.headers['x-twitter-auth-type'] = 'OAuth2Session'; + } + if(!options.headers['x-twitter-active-user']) { + options.headers['x-twitter-active-user'] = 'yes'; + } + if(!options.headers['X-Client-UUID']) { + options.headers['X-Client-UUID'] = OLDTWITTER_CONFIG.deviceId; + } + if(!url.startsWith('http:') && !url.startsWith('https:')) { + let host = location.hostname; + if(!['x.com', 'twitter.com'].includes(host)) host = 'x.com'; + if(!url.startsWith('/')) url = '/' + url; + url = `https://${host}${url}`; + } + let parsedUrl = new URL(url); + // try { + let solved = await solveChallenge(parsedUrl.pathname, options.method ? options.method.toUpperCase() : 'GET'); + console.log({solved}) + options.headers['x-client-transaction-id'] = solved; + // } catch (e) { + // console.error(`Error solving challenge for ${url}:`); + // console.error(e); + // } + if(options.method && options.method.toUpperCase() === 'POST' && typeof options.body === 'string') { + options.headers['Content-Length'] = options.body.length; + } + + return _fetch(url, options); +} + +async function initChallenge() { + try { + let homepageData; + let sleep = ms => new Promise(resolve => setTimeout(resolve, ms)); + let host = location.hostname; + if(!['x.com', 'twitter.com'].includes(host)) host = 'x.com'; + try { + homepageData = await _fetch(`https://${host}/`).then(res => res.text()); + } catch(e) { + await sleep(500); + try { + homepageData = await _fetch(`https://${host}/`).then(res => res.text()); + } catch(e) { + throw new Error('Failed to fetch homepage: ' + e); + } + } + let dom = new DOMParser().parseFromString(homepageData, 'text/html'); + let verificationKey = dom.querySelector('meta[name="twitter-site-verification"]').content; + let anims = Array.from(dom.querySelectorAll('svg[id^="loading-x"]')).map(svg => svg.outerHTML); + + let challengeCode = homepageData.match(/"ondemand.s":"(\w+)"/)[1]; + + OLDTWITTER_CONFIG.verificationKey = verificationKey; + + function sendInit() { + sentData = true; + if(!solverIframe || !solverIframe.contentWindow) return setTimeout(sendInit, 50); + solverIframe.contentWindow.postMessage({ + action: 'init', + challengeCode, + anims, + verificationCode: OLDTWITTER_CONFIG.verificationKey + }, '*'); + } + setTimeout(sendInit, 50); + return true; + } catch (e) { + console.error(`Error during challenge init:`); + console.error(e); + if(location.hostname === 'twitter.com') { + alert(`There was an error in initializing security header generator: ${e}\nUser Agent: ${navigator.userAgent}\nOldTwitter doesn't allow unsigned requests anymore for your account security. Currently the main reason for this happening is social network tracker protection blocking the script. Try disabling such settings in your browser and extensions that do that and refresh the page. This also might be because you're either not logged in or using twitter.com instead of x.com.`); + } else { + alert(`There was an error in initializing security header generator: ${e}\nUser Agent: ${navigator.userAgent}\nOldTwitter doesn't allow unsigned requests anymore for your account security. Currently the main reason for this happening is social network tracker protection blocking the script. Try disabling such settings in your browser and extensions that do that and refresh the page. This can also happen if you're not logged in.`); + } + return false; + } +}; + +initChallenge(); diff --git a/packages/tweetdeck/tests/python.ts b/packages/tweetdeck/tests/python.ts new file mode 100644 index 0000000..73a174b --- /dev/null +++ b/packages/tweetdeck/tests/python.ts @@ -0,0 +1,150 @@ +import { TransactionIdGenerator as TransactionIdGenerator } from "../src/lib/fetching/python"; + +export const cookie = `auth_token=651d779cb99b54e7ce81bf8f8050e597c452b50b;gt=1868678280205029867;guest_id=v1%3A176150648682600359;__cf_bm=mfj12NkVbU0uPRz84om3BecRhAwv.8CCo.w0B4Gw45o-1761513085.2856057-1.0.1.1-gHPgX0w_GRneFL_GLZ5kPSXd7VCe4EuZnxN9FeKlpRg5PR5CCFrHazEjrE_EM53YxTbd1hDJoaWNXSU.Abr7FmBF5aCso.Jqn6M1ycwSXLhvQ3nTdZXRfiGpDrQugR6q;twid=u%3D1710606417324015616;g_state={"i_p":1733335699025,"i_l":1};external_referer=8e8t2xd8A2w%3D|0|F8C7rVpldvH1T6C9tW%2FBRRUSYlUEkKIshjiEn%2Br%2F70sqqRYvQQ%2FYUQ%3D%3D;auth_multi="1761426801275097088:f10fe04281e0bdf50e9dba703e2cba86adb84847";lang=en;night_mode=2;__cf_bm=koa1LKRskRZYwhHNG6YcIcSFN87JPc24Tb3umQqxxxU-1761507653-1.0.1.1-9OQutUp3hCAW8o5Sr8S0h.uE0eTWkxGRYiiESZu6WW9Q_Y_out9M6G9FqS5n9BVn1svlAUT97_FyLZosboQ45Q0M_HZ4F_rYtd3ojsAm6n8;__cuid=b4c86e91126647b5b7e07dadeac8ec2b;ct0=678e86afdb647f32835e25d1204c99af50b95d0e9ebcaf9db2d837fb9c4e48759a0e218c4845337f429c10e8d95f8a97cb9a7cee84c1bc5a7b522f440d5b6824466b6f4b62c328cc32d980a22fb00745;dnt=1;guest_id_ads=v1%3A176150648682600359;guest_id_marketing=v1%3A176150648682600359;kdt=camHTtNmw0pQUK0ZHaYd6jJnJRRYihbuZ0Ii7yN2;personalization_id="v1_KKOJ4dZoYTZuKLY9eadfIg=="`; + +async function initTransactionIdGenerator(): Promise<TransactionIdGenerator> { + const MAX_REDIRECTS = 5; + let currentUrl = "https://x.com"; + let html = ""; + const headers: Record<string, string> = { + "User-Agent": + "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36", + "Accept-Language": "en-US,en;q=0.9", + Cookie: cookie, + }; + + try { + for ( + let redirectCount = 0; + redirectCount < MAX_REDIRECTS; + redirectCount++ + ) { + const response = await fetch(currentUrl, { headers }); + headers["Cookie"] = cookie; + + if (!response.ok) { + throw new Error( + `Failed fetching ${currentUrl}: ${response.status} ${response.statusText}`, + ); + } + + html = await response.text(); + + // Check for meta refresh redirect + const metaRefreshMatch = html.match( + /<meta\s+http-equiv=["']refresh["']\s+content=["'][^;]+;\s*url=([^"']+)/i, + ); + const migrationRedirectionRegex = + /(http(?:s)?:\/\/(?:www\.)?(?:twitter|x)\.com(?:\/x)?\/migrate(?:[\/?])?tok=[a-zA-Z0-9%\-_]+)/i; + const bodyMatch = html.match(migrationRedirectionRegex); + let migrationUrl = metaRefreshMatch?.[1] || bodyMatch?.[0]; + + if (migrationUrl) { + currentUrl = migrationUrl; + continue; + } + + // Handle migration form + const formMatch = html.match( + /<form[^>]*?(?:name=["']f["']|action=["']https:\/\/x\.com\/x\/migrate["'])[^>]*>([\s\S]*?)<\/form>/i, + ); + if (formMatch) { + const formContent = formMatch[1]; + const actionMatch = formMatch[0].match(/action=["']([^"']+)["']/i); + const methodMatch = formMatch[0].match(/method=["']([^"']+)["']/i); + + const formAction = actionMatch?.[1] || "https://x.com/x/migrate"; + const formMethod = methodMatch?.[1]?.toUpperCase() || "POST"; + const formUrl = new URL(formAction, currentUrl); + if (!formUrl.searchParams.has("mx")) { + formUrl.searchParams.set("mx", "2"); + } + + const payload = new URLSearchParams(); + const inputRegex = + /<input[^>]*?name=["']([^"']+)["'][^>]*?(?:value=["']([^"']*)["'])?[^>]*?>/gi; + let inputMatch; + while ((inputMatch = inputRegex.exec(formContent!)) !== null) { + payload.append(inputMatch[1]!, inputMatch[2] || ""); + } + + const formHeaders = { + ...headers, + "Content-Type": "application/x-www-form-urlencoded", + Referer: currentUrl, + }; + + const response = await fetch(formUrl.toString(), { + method: formMethod, + headers: formHeaders, + body: payload, + redirect: "manual", + }); + headers["Cookie"] = cookie; + + if ( + response.status >= 300 && + response.status < 400 && + response.headers.has("location") + ) { + currentUrl = new URL( + response.headers.get("location")!, + currentUrl, + ).toString(); + continue; + } + + if (!response.ok) { + throw new Error( + `Migration form submission failed: ${response.status} ${response.statusText}`, + ); + } + + html = await response.text(); + + const subsequentMetaRefresh = html.match( + /<meta\s+http-equiv=["']refresh["']\s+content=["'][^;]+;\s*url=([^"']+)/i, + ); + const subsequentBodyMatch = html.match(migrationRedirectionRegex); + + if (subsequentMetaRefresh?.[1] || subsequentBodyMatch?.[0]) { + currentUrl = subsequentMetaRefresh?.[1] || subsequentBodyMatch![0]; + if (!currentUrl.startsWith("http")) { + currentUrl = new URL(currentUrl, response.url).toString(); + } + continue; + } + } + + break; + } + + if (!html) { + throw new Error("Failed to retrieve HTML after potential migrations."); + } + + const transactionIdGenerator = new TransactionIdGenerator(html); + return transactionIdGenerator; + } catch (error: any) { + throw new Error( + `Transaction ID initialization failed: ${error.message || error}`, + ); + } +} + +async function generateTransactionId( + method: string, + path: string, +): Promise<string> { + const gen = new TransactionIdGenerator(""); + await gen.init(); + // const gen = await initTransactionIdGenerator(); + + return gen.getTransactionId(method, path); +} + +const res = await generateTransactionId( + "GET", + "i/api/graphql/2AtIgw7Kz26sV6sEBrQjSQ/UsersByRestIds", +); +console.log({ res }); |