[GH-ISSUE #22] Cookie import fails with "validated: undefined" #15

New issue

Closed

opened 2026-03-23 20:31:37 +00:00 by mirror · 18 comments

mirror commented 2026-03-23 20:31:37 +00:00

Owner

Copy link

Originally created by @EpicLPer on GitHub (Aug 14, 2023).
Original GitHub issue: https://github.com/tubearchivist/browser-extension/issues/22

Heya,

I just tried importing my cookies and I'm getting the following error inside the browser extension:

In the Inspect tab I get the message {"message":{"cookie_import":"fail","cookie_validated":false}}, the network tab tells me a 400 Bad Request occured.

Not sure if I'm doing something wrong (again) tho :)

Thanks already!

Originally created by @EpicLPer on GitHub (Aug 14, 2023). Original GitHub issue: https://github.com/tubearchivist/browser-extension/issues/22 Heya, I just tried importing my cookies and I'm getting the following error inside the browser extension:  In the Inspect tab I get the message `{"message":{"cookie_import":"fail","cookie_validated":false}}`, the network tab tells me a `400 Bad Request` occured. Not sure if I'm doing something wrong (again) tho :) Thanks already!

mirror 2026-03-23 20:31:37 +00:00

• closed this issue
• added the
  help wanted
  label

mirror commented 2026-03-23 20:31:38 +00:00

Author

Owner

Copy link

@bbilly1 commented on GitHub (Aug 17, 2023):

Impossible to say without logs what's happening. Probably means invalid cookie? Sometimes doing this from a blank browser can help, where there has always only been one google account used. Or you can also use the manual import.

<!-- gh-comment-id:1681487900 --> @bbilly1 commented on GitHub (Aug 17, 2023): Impossible to say without logs what's happening. Probably means invalid cookie? Sometimes doing this from a blank browser can help, where there has always only been one google account used. Or you can also use the manual import.

mirror commented 2026-03-23 20:31:38 +00:00

Author

Owner

Copy link

@DutchEllie commented on GitHub (Aug 17, 2023):

I have the same issue, have been having it since forever and always just manually added the cookie, very annoying.
This is the log from when I tried to add the cookie using the extension:

cookie preview:

# Netscape HTTP Cookie File
# https://curl.haxx.se/rfc/cookie_spec.html
# This is a generated file! Do not edit.

.youtube.com    TRUE    /       FALSE   1719579328      SOCS    [REDACTED]
.youtube.com    TRUE    /       TRUE    0       YSC     [REDACTED]
.youtube.com    TRUE    /       FALSE   1720011328      CONSENT [REDACTED]
.youtube.com    TRUE    /       TRUE    1725
cookie: activated and stored in Redis
validating cookie
cookie file is invalid
cookie validation failed, exiting...
cookie: revoked
cookie: {'cookie_import': 'fail', 'cookie_validated': False}
[pid: 44|app: 0|req: 1359/1359] 10.0.0.38 () {64 vars in 1070 bytes} [Thu Aug 17 14:16:03 2023] PUT /api/cookie/ => generated 61 bytes in 101 msecs (HTTP/1.1 400) 9 headers in 357 bytes (1 switches on core 0)

It seems to just send bad data, not actually the full cookies file like it needs.

<!-- gh-comment-id:1682185077 --> @DutchEllie commented on GitHub (Aug 17, 2023): I have the same issue, have been having it since forever and always just manually added the cookie, very annoying. This is the log from when I tried to add the cookie using the extension: ``` cookie preview: # Netscape HTTP Cookie File # https://curl.haxx.se/rfc/cookie_spec.html # This is a generated file! Do not edit. .youtube.com TRUE / FALSE 1719579328 SOCS [REDACTED] .youtube.com TRUE / TRUE 0 YSC [REDACTED] .youtube.com TRUE / FALSE 1720011328 CONSENT [REDACTED] .youtube.com TRUE / TRUE 1725 cookie: activated and stored in Redis validating cookie cookie file is invalid cookie validation failed, exiting... cookie: revoked cookie: {'cookie_import': 'fail', 'cookie_validated': False} [pid: 44|app: 0|req: 1359/1359] 10.0.0.38 () {64 vars in 1070 bytes} [Thu Aug 17 14:16:03 2023] PUT /api/cookie/ => generated 61 bytes in 101 msecs (HTTP/1.1 400) 9 headers in 357 bytes (1 switches on core 0) ``` It seems to just send bad data, not actually the full cookies file like it needs.

mirror commented 2026-03-23 20:31:38 +00:00

Author

Owner

Copy link

@bbilly1 commented on GitHub (Aug 17, 2023):

A cookie is valid, if TA can access your liked videos playlist, e.g. https://www.youtube.com/playlist?list=LL. If it can't access that, it's invalid and revoked as you can see in your output.

One of these cases of works on my machine. If it doesn't work for you, please provide a fix.

<!-- gh-comment-id:1682201325 --> @bbilly1 commented on GitHub (Aug 17, 2023): A cookie is valid, if TA can access your liked videos playlist, e.g. `https://www.youtube.com/playlist?list=LL`. If it can't access that, it's invalid and revoked as you can see in your output. One of these cases of works on my machine. If it doesn't work for you, please provide a fix.

mirror commented 2026-03-23 20:31:39 +00:00

Author

Owner

Copy link

@bbilly1 commented on GitHub (Aug 17, 2023):

very annoying

Please be nice.

<!-- gh-comment-id:1682212989 --> @bbilly1 commented on GitHub (Aug 17, 2023): > very annoying Please be nice.

mirror commented 2026-03-23 20:31:39 +00:00

Author

Owner

Copy link

@grantterra commented on GitHub (Sep 3, 2023):

I had the same issue.

I compared the original cookies stored in the browser, and it seems that TubeArchivist did not receive the last 54 characters in the cookie value.

<!-- gh-comment-id:1704149311 --> @grantterra commented on GitHub (Sep 3, 2023): I had the same issue. <img width="1328" alt="screenshot1" src="https://github.com/tubearchivist/browser-extension/assets/4091143/30664167-a438-4a43-b60d-5294d7c4ff7e"> I compared the original cookies stored in the browser, and it seems that TubeArchivist did not receive the last 54 characters in the cookie value. 

mirror commented 2026-03-23 20:31:39 +00:00

Author

Owner

Copy link

@3urobeat commented on GitHub (Oct 8, 2023):

I'm also experiencing this issue for months now.
It did work as expected back in June and then suddenly failed.
Tubearchivist on my server, as well as the browser extension, are on the newest versions.
I have deleted all my YouTube cookies, did a fresh login - also no success.

I'm using LibreWolf Firefox 118.0.1-1 on Linux 6.5.5-arch1-1

Edit: I can confirm the observation by grantterra, the cookie extracted by the extension is too short. After exporting the cookie manually, placing it in the import directory, enabling cookies and reindexing, my playlist it is active again.

<!-- gh-comment-id:1752026468 --> @3urobeat commented on GitHub (Oct 8, 2023): I'm also experiencing this issue for months now. It did work as expected back in June and then suddenly failed. Tubearchivist on my server, as well as the browser extension, are on the newest versions. I have deleted all my YouTube cookies, did a fresh login - also no success. I'm using `LibreWolf Firefox 118.0.1-1` on `Linux 6.5.5-arch1-1` Edit: I can confirm the observation by grantterra, the cookie extracted by the extension is too short. After exporting the cookie manually, placing it in the `import` directory, enabling cookies and reindexing, my playlist it is active again.

mirror commented 2026-03-23 20:31:40 +00:00

Author

Owner

Copy link

@clb92 commented on GitHub (Oct 14, 2023):

I'm experiencing this in Chrome, but not in Firefox.

<!-- gh-comment-id:1762961784 --> @clb92 commented on GitHub (Oct 14, 2023): I'm experiencing this in Chrome, but not in Firefox.

mirror commented 2026-03-23 20:31:40 +00:00

Author

Owner

Copy link

@bbilly1 commented on GitHub (Oct 19, 2023):

It seems to just send bad data, not actually the full cookies file like it needs.

and

I compared the original cookies stored in the browser, and it seems that TubeArchivist did not receive the last 54 characters in the cookie value.

as well as

I can confirm the observation by grantterra, the cookie extracted by the extension is too short.

you'll see in your log output cookie preview. so what is logged is only the first 200 characters (I think) from the complete cookie. as that is sensitive data, so this shouldn't be logged completely somewhere...

cookie building happens in background.js here: https://github.com/tubearchivist/browser-extension/blob/master/extension/background.js#L209

if anybody wants to investigate further.

<!-- gh-comment-id:1770115181 --> @bbilly1 commented on GitHub (Oct 19, 2023): > It seems to just send bad data, not actually the full cookies file like it needs. and > I compared the original cookies stored in the browser, and it seems that TubeArchivist did not receive the last 54 characters in the cookie value. as well as > I can confirm the observation by grantterra, the cookie extracted by the extension is too short. you'll see in your log output `cookie preview`. so what is logged is only the first 200 characters (I think) from the complete cookie. as that is sensitive data, so this shouldn't be logged completely somewhere... cookie building happens in background.js here: https://github.com/tubearchivist/browser-extension/blob/master/extension/background.js#L209 if anybody wants to investigate further.

mirror commented 2026-03-23 20:31:40 +00:00

Author

Owner

Copy link

@nzp-hu commented on GitHub (Oct 21, 2023):

I have cross-checked the sent data with something generated by the cookies.txt extension and narrowed it down to the "subdomains" field in the buildCookieLine function.
I assume it clashes with cookie.secure in some cases.

Changing this to something like cookie.hostOnly ? 'FALSE' : 'TRUE', seems to resolve the issue for me.
Tested based on the cookies.txt cookie builder snippet which has some additional support for #HttpOnly_ as well, which might be useful.
They also seem to use secure instead of httpOnly. Which(, to me,) seems to match the file spec.

To test, I overrode the buildCookieLine() function (while at a break point in sendCookies()) with the following modified snippet:

function buildCookieLine(cookie) {
  return [
    cookie.domain,
    cookie.hostOnly ? 'FALSE' : 'TRUE',
    cookie.path,
    cookie.httpOnly.toString().toUpperCase(),
    Math.trunc(cookie.expirationDate) || 0,
    cookie.name,
    cookie.value,
  ].join('\t');
}

If someone could validate it from their side, it would be great. I would really love this functionality. :)

<!-- gh-comment-id:1773879293 --> @nzp-hu commented on GitHub (Oct 21, 2023): I have cross-checked the sent data with something generated by the cookies.txt extension and narrowed it down to the ["subdomains" field in the buildCookieLine function](https://github.com/tubearchivist/browser-extension/blob/master/extension/background.js#L200). I _assume_ it clashes with `cookie.secure` in some cases. Changing this to something like `cookie.hostOnly ? 'FALSE' : 'TRUE',` seems to resolve the issue for me. Tested based on the cookies.txt [cookie builder snippet](https://github.com/hrdl-github/cookies-txt/blob/master/background.js#L3-L17) which has some additional support for `#HttpOnly_` as well, which might be useful. They also seem to use `secure` instead of `httpOnly`. Which(, to me,) seems to match the [file spec](http://fileformats.archiveteam.org/wiki/Netscape_cookies.txt). To test, I overrode the `buildCookieLine()` function (while at a break point in `sendCookies()`) with the following modified snippet: ```js function buildCookieLine(cookie) { return [ cookie.domain, cookie.hostOnly ? 'FALSE' : 'TRUE', cookie.path, cookie.httpOnly.toString().toUpperCase(), Math.trunc(cookie.expirationDate) || 0, cookie.name, cookie.value, ].join('\t'); } ``` If someone could validate it from their side, it would be great. I would really love this functionality. :)

mirror commented 2026-03-23 20:31:40 +00:00

Author

Owner

Copy link

@bbilly1 commented on GitHub (Nov 10, 2023):

Some investigation on the live stream could point towards that we limit our domain selection too much, and that www.youtube.com will get excluded.

notes: https://github.com/Rob--W/cookie-manager/issues/26

some traceback:

/usr/local/lib/python3.11/http/cookiejar.py:2083: UserWarning: http.cookiejar bug!
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/http/cookiejar.py", line 2056, in _really_load
    assert domain_specified == initial_dot
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AssertionError

  _warn_unhandled_exception()

<!-- gh-comment-id:1804981329 --> @bbilly1 commented on GitHub (Nov 10, 2023): Some investigation on the live stream could point towards that we limit our domain selection too much, and that www.youtube.com will get excluded. notes: https://github.com/Rob--W/cookie-manager/issues/26 some traceback: ``` /usr/local/lib/python3.11/http/cookiejar.py:2083: UserWarning: http.cookiejar bug! Traceback (most recent call last): File "/usr/local/lib/python3.11/http/cookiejar.py", line 2056, in _really_load assert domain_specified == initial_dot ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ AssertionError _warn_unhandled_exception() ```

mirror commented 2026-03-23 20:31:41 +00:00

Author

Owner

Copy link

@Gentoli commented on GitHub (Mar 1, 2024):

For me, looks like the extension included a cookie from the subdomain payments.youtube.com and yt-dlp is not happy with that. Removing it from the POST /api/cookie/ works.

Because the validation is done by yt-dlp, before https://github.com/tubearchivist/tubearchivist/pull/669 which would log the error in the console, you could try capturing the cookie file sent by the extension from the extension developer console, then testing it with downloading any youtube video with a noop arg like -F, then it would give error like:

http.cookiejar.LoadError: invalid Netscape format cookies file 'C:\\Users\\<user>\\Desktop\\cookies.txt': 'payments.youtube.com\tTRUE\t/\tFALSE\t1711779732\tOTZ\t<some-value>'

<!-- gh-comment-id:1972599452 --> @Gentoli commented on GitHub (Mar 1, 2024): For me, looks like the extension included a cookie from the subdomain `payments.youtube.com` and yt-dlp is not happy with that. Removing it from the `POST /api/cookie/` works. Because the validation is done by yt-dlp, before https://github.com/tubearchivist/tubearchivist/pull/669 which would log the error in the console, you could try capturing the cookie file sent by the extension from the extension developer console, then testing it with downloading any youtube video with a noop arg like `-F`, then it would give error like: ``` http.cookiejar.LoadError: invalid Netscape format cookies file 'C:\\Users\\<user>\\Desktop\\cookies.txt': 'payments.youtube.com\tTRUE\t/\tFALSE\t1711779732\tOTZ\t<some-value>' ```

mirror commented 2026-03-23 20:31:41 +00:00

Author

Owner

Copy link

@bbilly1 commented on GitHub (Mar 10, 2024):

Interesting, would make sense that I can't reproduce this, I probably won't have any payment subdomain cookies if I didn't make any payments on YT. Will ignoring all subdomains work? Or does this need some other processing?

<!-- gh-comment-id:1987271632 --> @bbilly1 commented on GitHub (Mar 10, 2024): Interesting, would make sense that I can't reproduce this, I probably won't have any payment subdomain cookies if I didn't make any payments on YT. Will ignoring all subdomains work? Or does this need some other processing?

mirror commented 2026-03-23 20:31:41 +00:00

Author

Owner

Copy link

@Gentoli commented on GitHub (Mar 10, 2024):

Given yt-dlp is rejecting cookies from the subdomains, I think it's safe to remove all subdomains.

<!-- gh-comment-id:1987418230 --> @Gentoli commented on GitHub (Mar 10, 2024): Given yt-dlp is rejecting cookies from the subdomains, I think it's safe to remove all subdomains.

mirror commented 2026-03-23 20:31:42 +00:00

Author

Owner

Copy link

@CommanderRedYT commented on GitHub (Mar 26, 2024):

I do not have any cookies on subdomains but it still fails. Both on firefox and chrome and with different accounts

<!-- gh-comment-id:2020199055 --> @CommanderRedYT commented on GitHub (Mar 26, 2024): I do not have any cookies on subdomains but it still fails. Both on firefox and chrome and with different accounts

mirror commented 2026-03-23 20:31:42 +00:00

Author

Owner

Copy link

@wolrah commented on GitHub (Mar 27, 2024):

I can confirm that removing the payments.youtube.com cookie solved the problem for me.

<!-- gh-comment-id:2023900775 --> @wolrah commented on GitHub (Mar 27, 2024): I can confirm that removing the payments.youtube.com cookie solved the problem for me.

mirror commented 2026-03-23 20:31:42 +00:00

Author

Owner

Copy link

@bbilly1 commented on GitHub (May 1, 2024):

Can somebody who can reproduce this check if the linked commit on the https://github.com/tubearchivist/browser-extension/tree/fix-cookie-domain branch fixes that?

This still syncs the cookie correctly for me.

<!-- gh-comment-id:2089128843 --> @bbilly1 commented on GitHub (May 1, 2024): Can somebody who can reproduce this check if the linked commit on the https://github.com/tubearchivist/browser-extension/tree/fix-cookie-domain branch fixes that? This still syncs the cookie correctly for me.

mirror commented 2026-03-23 20:31:42 +00:00

Author

Owner

Copy link

@bbilly1 commented on GitHub (May 11, 2024):

assuming this has been fixed, update to v0.3.0

<!-- gh-comment-id:2105931520 --> @bbilly1 commented on GitHub (May 11, 2024): assuming this has been fixed, update to v0.3.0

mirror commented 2026-03-23 20:31:43 +00:00

Author

Owner

Copy link

@ccfman2004 commented on GitHub (Jan 24, 2025):

Seems this issue is back on both Firefox and Chrome. It stopped working on Firefox a few weeks ago but Chrome was working. Now neither are working.

# Netscape HTTP Cookie File
# https://curl.haxx.se/rfc/cookie_spec.html
# This is a generated file! Do not edit.

.youtube.com    TRUE    /       TRUE    1753296799      VISITOR_INFO1_LIVE      aQ
.youtube.com    TRUE    /       TRUE    1753296799      VISITOR_PRIVACY_METADATA       %3D%3D
.youtube.com    TRUE    /       TRUE    1753241785      _
cookie: activated and stored in Redis
validating cookie
/usr/local/lib/python3.11/http/cookiejar.py:2083: UserWarning: http.cookiejar bug!
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/http/cookiejar.py", line 2056, in _really_load
    assert domain_specified == initial_dot
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AssertionError

  _warn_unhandled_exception()
ERROR: invalid Netscape format cookies file <_io.StringIO object at 0x14f5d0a12f80>: 'www.youtube.com\tTRUE\t/\tFALSE\t1738584490\tOTZ\t7894808_76_76_104100_72_446760'
LL: failed to get info from youtube with message ERROR: invalid Netscape format cookies file <_io.StringIO object at 0x14f5d0a12f80>: 'www.youtube.com\tTRUE\t/\tFALSE\t1738584490\tOTZ\t7894808_76_76_104100_72_446760'
cookie validation failed, exiting...
cookie: revoked
cookie: {'cookie_import': 'fail', 'cookie_validated': False}
[pid: 4290|app: 0|req: 115344/115344] 10.0.0.135 () {50 vars in 818 bytes} [Fri Jan 24 13:57:49 2025] PUT /api/cookie/ => generated 61 bytes in 250 msecs (HTTP/1.1 400) 9 headers in 358 bytes (1 switches on core 0)`
```

<!-- gh-comment-id:2613193120 --> @ccfman2004 commented on GitHub (Jan 24, 2025): Seems this issue is back on both Firefox and Chrome. It stopped working on Firefox a few weeks ago but Chrome was working. Now neither are working. ```` # Netscape HTTP Cookie File # https://curl.haxx.se/rfc/cookie_spec.html # This is a generated file! Do not edit. .youtube.com TRUE / TRUE 1753296799 VISITOR_INFO1_LIVE aQ .youtube.com TRUE / TRUE 1753296799 VISITOR_PRIVACY_METADATA %3D%3D .youtube.com TRUE / TRUE 1753241785 _ cookie: activated and stored in Redis validating cookie /usr/local/lib/python3.11/http/cookiejar.py:2083: UserWarning: http.cookiejar bug! Traceback (most recent call last): File "/usr/local/lib/python3.11/http/cookiejar.py", line 2056, in _really_load assert domain_specified == initial_dot ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ AssertionError _warn_unhandled_exception() ERROR: invalid Netscape format cookies file <_io.StringIO object at 0x14f5d0a12f80>: 'www.youtube.com\tTRUE\t/\tFALSE\t1738584490\tOTZ\t7894808_76_76_104100_72_446760' LL: failed to get info from youtube with message ERROR: invalid Netscape format cookies file <_io.StringIO object at 0x14f5d0a12f80>: 'www.youtube.com\tTRUE\t/\tFALSE\t1738584490\tOTZ\t7894808_76_76_104100_72_446760' cookie validation failed, exiting... cookie: revoked cookie: {'cookie_import': 'fail', 'cookie_validated': False} [pid: 4290|app: 0|req: 115344/115344] 10.0.0.135 () {50 vars in 818 bytes} [Fri Jan 24 13:57:49 2025] PUT /api/cookie/ => generated 61 bytes in 250 msecs (HTTP/1.1 400) 9 headers in 358 bytes (1 switches on core 0)` ```

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

release-TA-v0.5.0

v0.4.2

v0.4.1

v0.4.0

v0.3.2

v0.3.1

v0.3.0

v0.2.2

v0.2.1

v0.2.0

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

v0.0.3

v0.0.2

v0.0.1-1

v0.0.1

Labels

Clear labels   

bug

  

bug

  

duplicate

  

enhancement

  

help wanted

  

invalid

  

not an issue

  

not an issue

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

wontfix

No labels

bug

bug

duplicate

enhancement

help wanted

invalid

not an issue

not an issue

pull-request

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

tubearchivist/archived-browser-extension#15

No description provided.