Is there any way I can programmatically authorize to upload multiple files to Dreamwidth by a script

[ari_linn]

I have about 100 files that I want to upload to Dreamwidth. I want to do it with a script, if it's possible. I checked what happens in my browser when I'm logged in and uploading a file at https://www.dreamwidth.org/file/new , and it was pretty much the following request:

POST https://www.dreamwidth.org/api/v1/file/new 
Content-Type: multipart/form-data
Cookies: ljuniq=THISTOKENCHANGESWITHEVERYREQUEST;
BMLschemepref=celerity-local;
__utma=SOMETOKEN;ljmastersession=YETANOTHERTOKEN;
ljloggedin=FINALTOKEN

FILE BODY

My problem now is: how do I get the whole cookies/authorization stuff, or at least THISTOKENCHANGESWITHEVERYREQUEST token (other stuff seems to be reused? can I hijack my current session and simply use cookies from it in my script?) Is there any way to do it programmatically?

Comments

[momijizukamori]

Most of those are session cookies and you can in fact just copy them out - I'm not sure if we use ljuniq for CSRF protection though, and if we do, you won't be able to keep reusing the same copy of that, thought it looks like it's set on the server response so you could set it after - it'd be fairly simple to do in Python, and doable in Bash (which means it's probably not too hard in other languages).

That said, the file upload page allows you to select multiple files at once - I don't know if there's an upper limit, actually.

[ari_linn]

Now that you mentioned selecting multiple files, I actually gave it a try. Quite amazingly it worked! I never expected that. Well, thanks, you saved me from writing a script that would get a cookie from dreamwidth, login with this cookie using challenge-response mechanism and upload files one by one. :-)

[momijizukamori]

Glad it worked! Yeah, I think that maybe needs to be better documented somewhere - I think I found it by just seeing if it worked (because it's a UX pattern that's becoming pretty common). Glad I could save you some work!