zhuyifei1999 added a comment. Sorry, I was discussing this on irc `#pywikibot` and didn't see this responce. T126257: The API should not require CSRF tokens for an OAuth request <https://phabricator.wikimedia.org/T126257> was created during the discussion as a potential workaround.
> Does pywikibot use OAuth for every api call? OAuth uses a slightly different > session than a normal, cookie-based session, so mixing the two could give you > unpredictable results. Yes. I'm not entirely sure about cookies, but from the logs it seems every Api calls are OAuth-signed. @valhallasw you can explain this :) > We've been dealing with numerous session issues in the last week related to > session manager, so there's a change you were simply logged out between > getting the csrf token and using it? Um, there's only a few seconds between the requests, with no other api requests in between (from the logs). TASK DETAIL https://phabricator.wikimedia.org/T125779 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: zhuyifei1999 Cc: Mpaa, csteipp, Matanya, valhallasw, Ricordisamoa, Aklapper, Yann, StudiesWorld, pywikibot-bugs-list, zhuyifei1999 _______________________________________________ pywikibot-bugs mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/pywikibot-bugs
