Add user-agent to guest_token request (#1359 )

Fix the checkmark position (#1347 )
Co-authored-by: yav <796176@protonmail.com>
2026-01-31 07:42:51 -05:00 · 2026-01-29 17:27:41 +01:00 · 2025-12-24 02:22:20 -05:00 · 2025-12-08 04:05:08 -05:00 · 2025-12-06 05:15:01 +01:00 · 2025-12-06 05:00:34 +01:00
11 changed files with 44 additions and 9 deletions
--- a/nitter.example.conf
+++ b/nitter.example.conf
@@ -26,7 +26,9 @@ enableRSS = true  # set this to false to disable RSS feeds
 enableDebug = false  # enable request logs and debug endpoints (/.sessions)
 proxy = ""  # http/https url, SOCKS proxies are not supported
 proxyAuth = ""
 apiProxy = "" # nitter-proxy host, e.g. localhost:7000
 disableTid = false # enable this if cookie-based auth is failing
 maxConcurrentReqs = 2 # max requests at a time per session to avoid race conditions
 # Change default preferences here, see src/prefs_impl.nim for a complete list
 [Preferences]
--- a/src/apiutils.nim
+++ b/src/apiutils.nim
@@ -13,10 +13,17 @@ const
 var 
  pool: HttpPool
  disableTid: bool
  apiProxy: string
 proc setDisableTid*(disable: bool) =
  disableTid = disable
 proc setApiProxy*(url: string) =
  if url.len > 0:
    apiProxy = url.strip(chars={'/'}) & "/"
    if "http" notin apiProxy:
      apiProxy = "http://" & apiProxy
 proc toUrl(req: ApiReq; sessionKind: SessionKind): Uri =
  case sessionKind
  of oauth:  
@@ -56,7 +63,8 @@ proc genHeaders*(session: Session, url: Uri): Future[HttpHeaders] {.async.} =
    "origin": "https://x.com",
    "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36",
    "x-twitter-active-user": "yes",
-    "x-twitter-client-language": "en"
+    "x-twitter-client-language": "en",
    "priority": "u=1, i"
  })
  case session.kind
@@ -66,6 +74,12 @@ proc genHeaders*(session: Session, url: Uri): Future[HttpHeaders] {.async.} =
    result["x-twitter-auth-type"] = "OAuth2Session"
    result["x-csrf-token"] = session.ct0
    result["cookie"] = getCookieHeader(session.authToken, session.ct0)
    result["sec-ch-ua"] = """"Google Chrome";v="142", "Chromium";v="142", "Not A(Brand";v="24""""
    result["sec-ch-ua-mobile"] = "?0"
    result["sec-ch-ua-platform"] = "Windows"
    result["sec-fetch-dest"] = "empty"
    result["sec-fetch-mode"] = "cors"
    result["sec-fetch-site"] = "same-site"
    if disableTid:
      result["authorization"] = bearerToken2
    else:
@@ -92,7 +106,11 @@ template fetchImpl(result, fetchBody) {.dirty.} =
    var resp: AsyncResponse
    pool.use(await genHeaders(session, url)):
      template getContent =
-        resp = await c.get($url)
+        # TODO: this is a temporary simple implementation
        if apiProxy.len > 0:
          resp = await c.get(($url).replace("https://", apiProxy))
        else:
          resp = await c.get($url)
        result = await resp.body
      getContent()
--- a/src/auth.nim
+++ b/src/auth.nim
@@ -3,14 +3,17 @@ import std/[asyncdispatch, times, json, random, strutils, tables, packedsets, os
 import types, consts
 import experimental/parser/session
-# max requests at a time per session to avoid race conditions
+const hourInSeconds = 60 * 60
 const
  maxConcurrentReqs = 2
  hourInSeconds = 60 * 60
 var
  sessionPool: seq[Session]
  enableLogging = false
  # max requests at a time per session to avoid race conditions
  maxConcurrentReqs = 2
 proc setMaxConcurrentReqs*(reqs: int) =
  if reqs > 0:
    maxConcurrentReqs = reqs
 template log(str: varargs[string, `$`]) =
  echo "[sessions] ", str.join("")
--- a/src/config.nim
+++ b/src/config.nim
@@ -41,7 +41,9 @@ proc getConfig*(path: string): (Config, parseCfg.Config) =
    enableDebug: cfg.get("Config", "enableDebug", false),
    proxy: cfg.get("Config", "proxy", ""),
    proxyAuth: cfg.get("Config", "proxyAuth", ""),
-    disableTid: cfg.get("Config", "disableTid", false)
+    apiProxy: cfg.get("Config", "apiProxy", ""),
    disableTid: cfg.get("Config", "disableTid", false),
    maxConcurrentReqs: cfg.get("Config", "maxConcurrentReqs", 2)
  )
  return (conf, cfg)
--- a/src/nitter.nim
+++ b/src/nitter.nim
@@ -37,7 +37,9 @@ setHmacKey(cfg.hmacKey)
 setProxyEncoding(cfg.base64Media)
 setMaxHttpConns(cfg.httpMaxConns)
 setHttpProxy(cfg.proxy, cfg.proxyAuth)
 setApiProxy(cfg.apiProxy)
 setDisableTid(cfg.disableTid)
 setMaxConcurrentReqs(cfg.maxConcurrentReqs)
 initAboutPage(cfg.staticDir)
 waitFor initRedisPool(cfg)
--- a/src/types.nim
+++ b/src/types.nim
@@ -275,7 +275,9 @@ type
    enableDebug*: bool
    proxy*: string
    proxyAuth*: string
    apiProxy*: string
    disableTid*: bool
    maxConcurrentReqs*: int
    rssCacheTime*: int
    listCacheTime*: int
--- a/src/views/profile.nim
+++ b/src/views/profile.nim
@@ -26,6 +26,7 @@ proc renderUserCard*(user: User; prefs: Prefs): VNode =
      tdiv(class="profile-card-tabs-name"):
        linkUser(user, class="profile-card-fullname")
        verifiedIcon(user)
        linkUser(user, class="profile-card-username")
    tdiv(class="profile-card-extra"):
--- a/src/views/renderutils.nim
+++ b/src/views/renderutils.nim
@@ -42,7 +42,6 @@ proc linkUser*(user: User, class=""): VNode =
  buildHtml(a(href=href, class=class, title=nameText)):
    text nameText
    if isName:
      verifiedIcon(user)
      if user.protected:
        text " "
        icon "lock", title="Protected account"
--- a/src/views/timeline.nim
+++ b/src/views/timeline.nim
@@ -66,6 +66,7 @@ proc renderUser(user: User; prefs: Prefs): VNode =
        tdiv(class="tweet-name-row"):
          tdiv(class="fullname-and-username"):
            linkUser(user, class="fullname")
            verifiedIcon(user)
        linkUser(user, class="username")
      tdiv(class="tweet-content media-body", dir="auto"):
--- a/src/views/tweet.nim
+++ b/src/views/tweet.nim
@@ -31,6 +31,7 @@ proc renderHeader(tweet: Tweet; retweet: string; pinned: bool; prefs: Prefs): VN
      tdiv(class="tweet-name-row"):
        tdiv(class="fullname-and-username"):
          linkUser(tweet.user, class="fullname")
          verifiedIcon(tweet.user)
          linkUser(tweet.user, class="username")
        span(class="tweet-date"):
@@ -235,6 +236,7 @@ proc renderQuote(quote: Tweet; prefs: Prefs; path: string): VNode =
      tdiv(class="fullname-and-username"):
        renderMiniAvatar(quote.user, prefs)
        linkUser(quote.user, class="fullname")
        verifiedIcon(quote.user)
        linkUser(quote.user, class="username")
      span(class="tweet-date"):
--- a/tools/get_session.py
+++ b/tools/get_session.py
@@ -21,7 +21,10 @@ def auth(username, password, otp_secret):
    guest_token = requests.post(
        "https://api.twitter.com/1.1/guest/activate.json",
-        headers={'Authorization': bearer_token}
+        headers={
            'Authorization': bearer_token,
             "User-Agent": "TwitterAndroid/10.21.0-release.0 (310210000-r-0) ONEPLUS+A3010/9"
        }
    ).json().get('guest_token')
    if not guest_token:
Author	SHA1	Message	Date
cmj	a45227b883	Add user-agent to guest_token request (#1359 )	2026-01-29 17:27:41 +01:00
yav	a92e79ebc3	Fix the checkmark position (#1347 ) Co-authored-by: yav <796176@protonmail.com>	2025-12-24 02:22:20 -05:00
jackyzy823	baeaf685d3	Make maxConcurrentReqs configurable (#1341 )	2025-12-08 04:05:08 -05:00
Zed	51b54852dc	Add preliminary support for nitter-proxy	2025-12-06 05:15:01 +01:00
Zed	663f5a52e1	Improve headers	2025-12-06 05:00:34 +01:00