Got error: "Sign in to confirm that you're not a bot"

[DuplicantWood]

Official Instance

• The bug is reproducible on the official hosted instance, or is API-related.

Describe the bug

On my private instance and with some others i have tested in the public list i am seeing "Got error: "Sign in to confirm that you're not a bot"" instead of a video

Here is a link from a public instance with the same problem:

https://piped.r4fo.com/watch?v=2G-L0u_L0qU

To Reproduce

Open this url on this instance

https://piped.r4fo.com/watch?v=2G-L0u_L0qU

See error

Expected behavior

Video to play normally

Logs/Errors

org.schabi.newpipe.extractor.exceptions.ContentNotAvailableException: Got error: "Sign in to confirm that you're not a bot" at org.schabi.newpipe.extractor.services.youtube.extractors.YoutubeStreamExtractor.checkPlayabilityStatus(YoutubeStreamExtractor.java:1016) at org.schabi.newpipe.extractor.services.youtube.extractors.YoutubeStreamExtractor.onFetchPage(YoutubeStreamExtractor.java:876) at org.schabi.newpipe.extractor.Extractor.fetchPage(Extractor.java:60) at org.schabi.newpipe.extractor.stream.StreamInfo.getInfo(StreamInfo.java:77) at org.schabi.newpipe.extractor.stream.StreamInfo.getInfo(StreamInfo.java:72) at org.schabi.newpipe.extractor.stream.StreamInfo.getInfo(StreamInfo.java:67) at me.kavin.piped.server.handlers.StreamHandlers.lambda$streamsResponse$0(StreamHandlers.java:54) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) at java.base/java.lang.VirtualThread.run(VirtualThread.java:309)

Browser, and OS with Version.

Happens on multiple browsers and devices

Additional context

I'm assuming it's related to something google/youtube have done as invidious instances are having similar issues.

iv-org/invidious#4734

[opusforlife2]

Some instances are working, some aren't. But it's probably gonna spread to all of them.

[milutinke]

Is there any solution for this?

[00-kat]

Is there any solution for this?

Cobalt implemented OAuth, but other than that there's not been much in terms of solving this issue...

[milutinke]

Is there any solution for this?

Cobalt implemented OAuth, but other than that there's not been much in terms of solving this issue...

Well, maybe it would be good implementing it as an optional feature, so instances could continue running until there is a better solution.

[Anoerak]

Restarting all containers fixed it for me tonight.

[AndrewHoang1995]

Restarting all containers fixed it for me tonight.

Really !!!

[LivingWithHippos]

Restarting all containers fixed it for me tonight.

Didn't work for me, you probably got "B" tested ;D

jokes aside, I have another request that may warrant a separate issue:
I opened a page to use the share button and copy the original youtube link, but the error message "eats" away all the UI, I think it would be nice if a partial interface could still be shown in this case

[Tamarindo94]

This is happening to me on the majority of videos (~8 out of 10) and on different instances, to the point I had to go back to using vanilla youtube.
Sadly, I dont know enough about piped or youtube's inner workings to be able to help, but I hope I can bring more attention to this issue. My fear is that this change could make piped and other frontends unusable sooner than we think if a solution isn't found

[alimovlex]

Is there any solution for this?

Yes. Just obtain youtube API keys and paste the API_SECRET to src/main.js function at 127th line.

getAuthToken() {
            return this.getPreferenceString("authToken" + this.hashCode(this.authApiUrl()));
},

Everything works.

[alimovlex]

This is happening to me on the majority of videos (~8 out of 10) and on different instances, to the point I had to go back to using vanilla youtube. Sadly, I dont know enough about piped or youtube's inner workings to be able to help, but I hope I can bring more attention to this issue. My fear is that this change could make piped and other frontends unusable sooner than we think if a solution isn't found

You can host your own instance instead and paste the token as I have written above.

[AndrewHoang1995]

You can host your own instance instead and paste the token as I have written above.

If I use Docker, how can I rebuild it? I am looking forward to an update from the team regarding documentation and Docker for this temporary solution

[clot27]

This is coming so often on official (piped.video) instance, approximately 7 of 10 videos. I haven't tried to change instance yet, I have switched to invidious.

[opusforlife2]

I haven't tried to change instance yet

This is the best workaround though. Works 100% of the time. You rarely have to change it twice.

[danl76]

Your modify the main.js like this?

getAuthToken() { return this.getPreferenceString("authToken" + this.hashCode(API_KEY)); },

Where API_KEY = your yt api key

Also how do get into the docker container to modify main.js? I tried bash but that'd didn't work.

[alimovlex]

Your modify the main.js like this?

getAuthToken() { return this.getPreferenceString("authToken" + this.hashCode(API_KEY)); },

Where API_KEY = your yt api key

Also how do get into the docker container to modify main.js? I tried bash but that'd didn't work.

Unfortunately, no.

getAuthToken() {
            return this.getPreferenceString("YOUR_API_TOKEN_HERE" + this.hashCode(this.authApiUrl()));
},

API_KEY is API_SECRET in your profile.

[alimovlex]

You can host your own instance instead and paste the token as I have written above.

If I use Docker, how can I rebuild it? I am looking forward to an update from the team regarding documentation and Docker for this temporary solution

I am not facile with Docker, unfortunately. Instead, I host my own private instance on a VPS.

[LivingWithHippos]

Your modify the main.js like this?

getAuthToken() { return this.getPreferenceString("authToken" + this.hashCode(API_KEY)); },

Where API_KEY = your yt api key

Also how do get into the docker container to modify main.js? I tried bash but that'd didn't work.

When bash doesn't work try sh ;D (or ash for alpine)

Where is the file located BTW?

edit:

I use these aliases in bash (or remove function for zsh) to quickly find and then enter a container with bash or sh (yeah I should env I know)

# get the container name if you don't remember, example: "dclist piped"
function dclist() {
    if [ -z "$1" ]; then
        docker ps -a --format "table {{.ID}}\t{{.Names}}" | (read -r; printf "%s\n" ""; sort -k 2);
    else
        docker ps -a --format "table {{.ID}}\t{{.Names}}" | (read -r; printf "%s\n" ""; sort -k 2) | grep "$1";
    fi
}

# enter a container with bash or sh, example: "dcsh piped"
function dcbash() { docker exec -it "$1" /bin/bash; }
function dcsh() { docker exec -it "$1" /bin/sh; }

[LivingWithHippos]

Partial docker instructions, untested, try only if you know what this means:

1. open your piped instance
2. right click -> view page source or whatever your browser calls it
3. find out the name of the javascript bundled file, mine is <script type="module" crossorigin src="/assets/index-WHXXydFZ.js"></script>

At this point you can either extract it from the container, change it and mount it back (easier, persist across restarts, may break the frontend if the containers are updated) or manually edit it in place (no time so will do this for now, may need restart of the container, may break anyway or just not work) or add the sed command to the start script (it's already doing something similar for the instance name)

5. enter the piped frontend container with its name, I used docker exec -it "piped-frontend" /bin/sh;
6. enter the assets folder with cd /usr/share/nginx/html/assets
7. swap the authToken with sed -i 's/"authToken"/"YOUR_TOKEN"/g' index-YOUR_FILE.js
8. ???
9. If you force refresh the page and check the sources again you can click on the js file and see if it has been changed or not

[enticedwanderer]

I've tried to do what above was suggested with the substitution of the authToken with an API key for Youtube Data v3 (plain API key not OAuth) and it just results in completely broken piped frontend. No trace or any message in the console. I have confirmed that it is substituted correctly in the browser with cache disabled (just in case).

What's supposed to happen when you swap out the hardcoded authToken string? Can someone provide clearer instructions on how to do this?

I'm also confused what "API_SECRET" referenced above is. Is it not the value of the API key?

[Bnyro]

Everything written above about patching getAuthToken() is not true, that authToken is only used to authenticate at Piped instances with your Piped account, it's not related to the visitor tokens used for extracting data from YouTube.

Obtaining YouTube API keys and only setting them in the frontend doesn't solve the problem at all, because the YouTube API key would need to be used at the Piped backend anyways ...

[Bnyro]

You probably want to save yourself that time and either get a new IP address that's not blocked from YouTube or put a proxy / VPN in front of your instance.

[milutinke]

You probably want to save yourself that time and either get a new IP address that's not blocked from YouTube or put a proxy / VPN in front of your instance.

Invidious made a IPv6 rotation tool, so that is another way of solving the issue. It needs a bit of setup, but works pretty good on a couple of instances I saw using it.

[bonswouar]

Invidious made a IPv6 rotation tool, so that is another way of solving the issue. It needs a bit of setup, but works pretty good on a couple of instances I saw using it.

Unfortunately lots of instances had their whole IPV6 /64 range blocked recently. I guess it depends of the provider

[Bnyro]

Unfortunately lots of instances had their whole IPV6 /64 range blocked recently. I guess it depends of the provider

Yes, all my Hetzner IPv6 ranges are blocked too since some days :/

[milutinke]

I heard https://stylenhost.com/ still works.
Maybe we should compile a list of providers that work and don't work.

[lbrealdev]

I currently can't access any video via Piped because of the whole "Sign in to confirm that you're not a bot" BS.

Yesterday I had the same error, so I changed the instance from kavin.rocks to r4fo.com and the videos started working.

[I-I-IT]

@I-I-IT Incorrect. The whole point of LibreTube is that it uses the Piped API. When you disable the proxy for videos, the app still uses a Piped instance to attempt to load all the information required to start the videos: libre-tube/LibreTube#6366 (comment).

Thank you. I see that piped.video (official mirror) is working well. Any way this could be used by third-parties like LibreTube ?

[Pamilg9]

@I-I-IT Incorrect. The whole point of LibreTube is that it uses the Piped API. When you disable the proxy for videos, the app still uses a Piped instance to attempt to load all the information required to start the videos: libre-tube/LibreTube#6366 (comment).

Thank you. I see that piped.video (official mirror) is working well. Any way this could be used by third-parties like LibreTube ?

It doesn't work for everyone (me). You just have to wait for the fix

[SpidFightFR]

@I-I-IT Incorrect. The whole point of LibreTube is that it uses the Piped API. When you disable the proxy for videos, the app still uses a Piped instance to attempt to load all the information required to start the videos: libre-tube/LibreTube#6366 (comment).

You might be looking for something like NewPipe instead. It works "offline."

well i didn't know the differences (in the backend) between libretube (and piped) and newpipe.
I guess as of now, i'll have both libretube (preffered) and newpipe as a backup cuz lately all the instances work like once or twice a day max... it's an imense chaos. I guess i could still use orbot or something to try cover up a little, at the expense of a slower connection...

[opusforlife2]

I found a really stupid workaround: on r4fo.com, at least, if you refresh the page a few times, it eventually loads. It can take anywhere between 2-50 tries. (Yes, I stuck around to find out for sure.)

[clarfonthey]

I know it's tempting to talk about workarounds as a user here, but ideally this issue's discussion should be mostly suggestions on which specific code change should be implemented to more generally fix this. A lot of them have been suggested here, specifically things done by the invidious team, but it's not clear which of them specifically would help here.

[Bnyro]

I found a really stupid workaround: on r4fo.com, at least, if you refresh the page a few times, it eventually loads. It can take anywhere between 2-50 tries. (Yes, I stuck around to find out for sure.)

They might do some load balancing around different nodes or IPs and some sometimes are not yet blocked by coincidence, I don't think that generally works with other instances.

[Bnyro]

I know it's tempting to talk about workarounds as a user here, but ideally this issue's discussion should be mostly suggestions on which specific code change should be implemented to more generally fix this. A lot of them have been suggested here, specifically things done by the invidious team, but it's not clear which of them specifically would help here.

There likely needs to be a fix at the NewPipe Extractor repository first, Piped doesn't have any logic to scrape YouTube information itself.

[candroid-man]

I am receiving this error on web and on mobile via LibreTube

[bellehop]

I am experiencing the issue too.

No video is working. Any solution would be helpful.

[voidplayer]

as a workaround for now, if you have your subscriptions working click on share > youtube > newpipe

If you dont, you can export your subscriptions to json and import them in newpipe

[B0pol]

Can we keep the button view on YouTube when this error happens please ?

[andriitrovg]

go to Settings -> Instance and enable Disable Piped proxy as well as Local streams extraction. Disclaimer: The bot-blocked API call will now be done directly from your IP address, which is obviously less privacy-friendly. Using a VPN is recommended, but might not always work since YouTube blocks IPs of VPN providers as well.

[andriitrovg]

go to Settings -> Instance and enable Disable Piped proxy as well as Local streams extraction. Disclaimer: The bot-blocked API call will now be done directly from your IP address, which is obviously less privacy-friendly. Using a VPN is recommended, but might not always work since YouTube blocks IPs of VPN providers as well.

[mpeter50]

Which instance do you use? We dont have such options (on piped.video, piped.projectsegfau.lt, piped.privacydev.net, piped.smnz.de, piped.adminforge.de).

Also, you have sent your comment doubly.

[lilwat1]

I am also getting this error even when signed in
I use librewolf and linux, and all instances seem to have the issue.

[lilwat1]

I only have two extensions on librewolf: dark reader and ublock origin. Disabling both and reloading changes the error message to: "IOS player response is not valid"

[kubo6472]

Surprised to not have seen this proposed : various apps (Grayjay being one) fetch the video from the iOS client to solve the issue. See : https://gitlab.futo.org/videostreaming/plugins/youtube/-/commit/be0e7891727986154f8482574ac02973fdbd4886

FreeTube fix : FreeTubeApp/FreeTube#5502 (comment)

AFAIK, the issue here is more related to Google banning specific method of obtaining videos, not yet full IP ranges. The fix from invidious concerning this is here : https://github.com/iv-org/inv_sig_helper (here also talks about it https://gitlab.futo.org/videostreaming/plugins/youtube/-/commit/f57b7b330f566ccc4669fd9a62719601d8167228)

Interesting observation: I've been playing with iOS lately, and their "mainline" solution is a 1.99$ extension called Vinegar, that:

I wonder if it was affected by these changed, or does something very WebKit/Safari specific, that allows them to get the HTML5 player working...always.

Would be interesting to explore, if we could somehow mimic the process of having a safari with vinegar, what does YouTube send in the first place, and how does the extension transform it.

Noticed NewPipeExtractor trying to get the HTML5 player here: TeamNewPipe/NewPipeExtractor#1197

[voidplayer]

libretube is working again now too

[bonswouar]

@kubo6472 On (some) private instances, Piped still work, always.
If the IP is clean you shouldn't have any problem

[voidplayer]

Is it possible to add the video to a playlist despite having this error in the browser?

The button is not showing despite being able to load comments (and thus acknowledging the url is okay)

Should i open a separate bug for this?

[Bnyro]

That's the same issue, so no.

[bonswouar]

Could you guys please stop commenting this issue with no new information, many people are following I guess and it's annoying to get useless notifications.
If you've got the same problem (and you probably do), just add a thumb up 👍 to the first post of this thread and hope & wait

And if you wanna chat about workarounds or whatever, the matrix channel is still here

[DWolf-19]

Can we make Piped instance route all the requests over the Tor network? Or like optional feature on client-side (e.g Disable Piped proxy & Local stream extraction in LibreTube but with Tor).