yt-dlp: Youtube cookies expire within hours

DO NOT REMOVE OR SKIP THE ISSUE TEMPLATE

I understand that I will be blocked if I intentionally remove or skip any mandatory* field

Checklist

I’m asking a question and not reporting a bug or requesting a feature
I’ve looked through the README
I’ve verified that I’m running yt-dlp version 2023.09.24 (update instructions) or later (specify commit)
I’ve searched known issues and the bugtracker for similar questions including closed ones. DO NOT post duplicates
I’ve read the guidelines for opening an issue

Please make sure the question is worded well enough to be understood

I have been used to youtube coookies lasting a couple of weeks. But since a few weeks I have to update the cookies for yt-dlp daily. Does anyone know what is happening here? My guess is that youtube change its policies. If that is the case, is there a way to automate the process? My current “workflow”:

Opening youtube.com in firefox,
log in to my channel
export cookies (all domains) using “Export cookies”
Use the cookies file with yt-dlp

Provide verbose output that clearly demonstrates the problem

Run your yt-dlp command with -vU flag added (yt-dlp -vU <your command line>)
If using API, add 'verbose': True to YoutubeDL params instead
Copy the WHOLE output (starting with [debug] Command-line config) and insert it below

Complete Verbose Output

[debug] Command-line config: ['-vU']
[debug] Encodings: locale UTF-8, fs utf-8, pref UTF-8, out utf-8, error utf-8, screen utf-8
[debug] yt-dlp version stable@2023.09.24 [088add956] (pip)
[debug] Python 3.11.5 (CPython armv7l 32bit) - Linux-5.10.63-v7+-armv7l-with-glibc2.28 (OpenSSL 1.1.1n  15 Mar 2022, glibc 2.28)
[debug] exe versions: ffmpeg 4.1.11-0, ffprobe 4.1.11-0
[debug] Optional libraries: Cryptodome-3.19.0, brotli-1.1.0, certifi-2023.07.22, mutagen-1.47.0, sqlite3-3.27.2, websockets-11.0.3
[debug] Proxy map: {}
[debug] Loaded 1886 extractors
[debug] Fetching release info: https://api.github.com/repos/yt-dlp/yt-dlp/releases/latest
Available version: stable@2023.09.24, Current version: stable@2023.09.24
yt-dlp is up to date (stable@2023.09.24)

About this issue

Original URL
State: open
Created 9 months ago
Reactions: 3
Comments: 24 (9 by maintainers)

Most upvoted comments

TL;DR of current known workarounds:

Export cookies in a private/incognito window
- Open new private/incognito tab, log into youtube, open a new tab, close youtube tab then export cookies. Be sure to close the window after to ensure the cookies are never used in the browser.
Block https://accounts.youtube.com/RotateCookiesPage and https://accounts.youtube.com/RotateCookies in your browser you are using cookies from (not recommended)
Use --cookies-from-browser if your action is quick
Log in using oauth2 with this experimental plugin: https://github.com/coletdjnz/yt-dlp-youtube-oauth2

coletdjnz on Dec 22, 2023

https://github.com/coletdjnz/yt-dlp-youtube-oauth2

Yes! Time to grab this link above and integrate to official builds right now. Seems Google started deprecate third party cookies, first party cookies deprecates soon in short to middle. They were annouced and deploying new mechanism on Chromium based browser. YES! TIME TO DEPLOY OAUTH LOGIN SUPPORT RIGHT NOW.

codenamedpkt on Jan 14, 2024

From a quick look: the browser appears to be callinghttps://accounts.youtube.com/RotateCookiesPage?origin=https://www.youtube.com&yt_pid=1. This runs another javascript rube goldberg machine to transform a value akin to nsig. It then calls https://accounts.youtube.com/RotateCookies with that transformed value which refreshes the cookies.

I’m guessing this is required or else the cookies are invalidated by YouTube if they are not refreshed.

We could attempt to implement this, but, I don’t think its really feasible or worthwhile to maintain.

Probably better off spending that time implementing oauth support for YouTube.

A simple workaround would be to generate the cookies file in an incognito window, where the cookies are never used again in browser and therefore will never be rotated.

A few weeks ago, I saw this workaround somewhere (without knowing why) and tried it out. And my cookies file is still valid until now.

jim60105 on Nov 4, 2023

From a quick look: the browser appears to be callinghttps://accounts.youtube.com/RotateCookiesPage?origin=https://www.youtube.com&yt_pid=1. This runs another javascript rube goldberg machine to transform a value akin to nsig. It then calls https://accounts.youtube.com/RotateCookies with that transformed value which refreshes the cookies.

I’m guessing this is required or else the cookies are invalidated by YouTube if they are not refreshed.

We could attempt to implement this, but, I don’t think its really feasible or worthwhile to maintain.

Probably better off spending that time implementing oauth support for YouTube.

Blocking these 2 URLs (using an ad-blocker) can be a workaround for this, in addition to generate the cookies from a private window/a browser you never use.

theo77186 on Dec 10, 2023

From a quick look: the browser appears to be callinghttps://accounts.youtube.com/RotateCookiesPage?origin=https://www.youtube.com&yt_pid=1. This runs another javascript rube goldberg machine to transform a value akin to nsig. It then calls https://accounts.youtube.com/RotateCookies with that transformed value which refreshes the cookies.

I’m guessing this is required or else the cookies are invalidated by YouTube if they are not refreshed.

We could attempt to implement this, but, I don’t think its really feasible or worthwhile to maintain.

Probably better off spending that time implementing oauth support for YouTube.

coletdjnz on Nov 4, 2023

I was using [my browser] all the time with the same account logged in as I am using for yt-dlp.

I’d imagine this is common practice for many/most users of yt-dlp, and as such we should keep this issue open until there is some kind of solution applied to yt-dlp

bashonly on Nov 28, 2023

I’ve uploaded a cookie regenerator on my gist. It can be easily ported to youtube just by changing the urls, I guess.

https://gist.github.com/szv99/f78c032736443fab51075bc45f9faf09

szv99 on Nov 27, 2023

I’m noticing this too. Will need some investigation.

I suspect there might have been a change where active requests in the browser are causing cookies to be replemised.

I first tried to export cookies and use --cookies “%~dp0\cookies.txt” to specify cookies, but after a few minutes, it became invalid. When I downloaded member-only videos, it prompted me to need a higher level. permission.

Later, I used the --cookies-from-browser firefox parameter and logged in to YouTube in the browser. Everything worked fine at first, but after a few minutes to dozens of minutes, the same cookie failure occurred.

wutongskype on Nov 3, 2023

It seems that youtube is rapidly invalidating cookies for IP addresses that have been flagged (e.g. data center IPs) or blocked (you would be getting 403 error responses from videoplayback URL requests without cookies).

Using --cookies-from-browser would be the simplest way around this. You may need to refresh the cookies in browser; so if you need full automation you could have an external script launch firefox pointing to youtube dot com before executing yt-dlp

bashonly on Jan 19, 2024