ChatGPT used to be fairly easy to automate via an extension on the page (which is allowed according to what an openai customer rep told me via chat), you used to just call the backend API/conversation end point, as you can see above, with the same payload that it’s being shown initially with a body describing the new message ID and parent message ID etc., and it worked. Several extensions on the chrome store did this.
Now they have a few extra steps, significantly:
fetch("https://chatgpt.com/backend-api/sentinel/chat-requirements", {
"headers": {
"accept": "*/*",
"accept-language": "en-US,en;q=0.9",
"authorization": "Bearer <removed for
.",
"content-type": "application/json",
"oai-device-id": "<removed for security>",
"oai-language": "en-US",
"sec-ch-ua": ""Not-A.Brand";v="99", "Chromium";v="124"",
},
"referrer": "https://chatgpt.com/c/<removed for security>",
"referrerPolicy": "strict-origin-when-cross-origin",
"body": "{"p: <removed for security>"}",
"method": "POST",
});
Which submits as the body the parameter “p” which appears to be some kind of key that must have been gotten or derived somehow from a previous request, but I’m not sure what.
Which then returns an object with a list of a few different kinds of keys (too big to copy here), which appear to somehow be used in this next request:
There’s several keys that are included as new headers which appear to be partially based on the earlier payload.
The problem is that I’m struggling to figure how how those tokens are derived from the earlier payload. It’s somewhere in the minimized code on the page but it’s too complicated to navigate and figure out on my own. Plus I think there are several other requests that it’s getting information from but it’s too hard to figure out exactly what is done to get those token values.
When I try making the request to conversation with new message IDs etc like I used to, even when copying in some new token values, I always get the error “unusual activity detected…”
Has anyone figured out how to do this with the updated security?