新版xs的生成流程和之前一样。
x1 x2 x3 x4
拼接
转base64后加密生成payload
payload和其他几个拼接后再base64生成xs
要补的地方在代码中用 TODO 标注了,大家自行查看调试。
demo仅供参考,有些需要登录的接口,尽量把cookie都贴上。
Python调用demo
import requests
import execjs
import json
def homefeed(web_session,a1):
headers = {
"accept":"application/json, text/plain, */*",
"cache-control":"no-cache",
"content-type":"application/json;charset=UTF-8",
"cookie":f"a1={a1}; webBuild=4.28.5; xsecappid=xhs-pc-web; web_session={web_session};",
"origin":"https://www.xiaohongshu.com",
"referer":"https://www.xiaohongshu.com/",
"user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36",
"x-b3-traceid":"a31fffc0ee4f5d8f",
"x-s-common":"",
}
data = {"cursor_score":"","num":31,"refresh_type":1,"note_index":32,"unread_begin_note_id":"","unread_end_note_id":"","unread_note_count":0,"category":"binggaokao_feed_recommend","search_key":"","need_num":6,"image_formats":["jpg","webp","avif"],"need_filter_image":False}
exc = execjs.compile(open('xs20240808.js', 'r', encoding='utf-8').read())
xs_xt = exc.call('get_xs','/api/sns/web/v1/homefeed',data,a1)
xs_xt['X-t'] = str(xs_xt['X-t'])
headers.update(xs_xt)
feed = 'https://edith.xiaohongshu.com/api/sns/web/v1/homefeed'
print(requests.post(url=feed, data=json.dumps(data, separators=(",", ":")), headers=headers).text)
def aweme_detail(a1,web_session):
headers = {
"accept":"application/json, text/plain, */*",
"cache-control":"no-cache",
"content-type":"application/json;charset=UTF-8",
"cookie":f"a1={a1}; webBuild=4.28.5; xsecappid=xhs-pc-web; web_session={web_session};",
"origin":"https://www.xiaohongshu.com",
"referer":"https://www.xiaohongshu.com/",
"user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0",
}
data = {"source_note_id":"66b303f4000000000503bcf6","image_formats":["jpg","webp","avif"],"extra":{"need_body_topic":"1"},
"xsec_source":"pc_feed","xsec_token":"ABjDy1e-6o2dnHbDQpKmzm4Bg1fYZ70Q38GLdA9-n2UJw="}
exc = execjs.compile(open('xs20240808.js', 'r', encoding='utf-8').read())
xs_xt = exc.call('get_xs','/api/sns/web/v1/feed',data,a1)
xs_xt['X-t'] = str(xs_xt['X-t'])
headers.update(xs_xt)
feed = 'https://edith.xiaohongshu.com/api/sns/web/v1/feed'
print(requests.post(url=feed, data=json.dumps(data, separators=(",", ":")), headers=headers).text)
if __name__ == '__main__':
# 需要登录的 cookie 尽量给全点
a1 = "你的a1"
web_session = "你的web_session"
homefeed(web_session,a1)
JS代码
仅供参考。
【温馨提示:此处隐藏内容需要付费订阅后才能查看!】