Describe the bug
Two separate bugs affecting cdrm key mode, both present in version 3.14.7.
Bug 1: A false "CDM return an error" warning is shown on every startup even when cdrm-project.com is fully operational.
Bug 2: All cdrm decryption requests fail silently due to incorrect header serialization, resulting in 0 downloads for DRM-protected content.
To Reproduce
- Set
key-mode-default to cdrm in config
- Run
ofscraper --action download --posts messages --username <user>
- Observe red "CDM return an error" warning on startup despite service being up
- Observe 0 downloads for DRM-protected content despite media being found
Expected behavior
- Startup check should correctly report cdrm-project.com as available when it is up
- DRM-protected content should decrypt and download successfully
Screenshots/Logs
N/A, both bugs are reproducible from source code inspection alone (see Additional Context)
Config
"cdm_options": {
"private-key": null,
"client-id": null,
"key-mode-default": "cdrm"
}
System Info
- OS: Windows 11
- Version: 3.14.7
- Installed via: uv
Additional context
Bug 1: ofscraper/utils/system/network.py line ~33 performs a GET request
to /api/decrypt, which only accepts POST, so it always returns non-200
and incorrectly triggers the red warning.
Fix:
# Before
with c.requests(url=url, headers={}) as r:
# After
# this is a bandaid, obviously
with c.requests(url="https://cdrm-project.com", headers={}) as r:Bug 2: ofscraper/commands/scraper/actions/download/utils/keyhelpers.py
line ~121 serializes headers with json.dumps(), producing double-quoted JSON.
cdrm-project.com parses this field with Python's ast.literal_eval, which
requires single-quoted Python dict syntax, causing all decryption requests
to fail with "An error occurred getting headers".
Bandaid fix (restores functionality with cdrm-project.com):
# Before
"headers": json.dumps(headers),
# After
"headers": str(headers),
Note: str() is not a general solution and may break other endpoints.
The proper fix should handle serialization per-endpoint, since other CDM
services may expect standard JSON. The root issue is that cdrm-project.com
uses ast.literal_eval instead of standard JSON parsing for the headers field.
Describe the bug
Two separate bugs affecting cdrm key mode, both present in version 3.14.7.
Bug 1: A false "CDM return an error" warning is shown on every startup even when cdrm-project.com is fully operational.
Bug 2: All cdrm decryption requests fail silently due to incorrect header serialization, resulting in 0 downloads for DRM-protected content.
To Reproduce
key-mode-defaulttocdrmin configofscraper --action download --posts messages --username <user>Expected behavior
Screenshots/Logs
N/A, both bugs are reproducible from source code inspection alone (see Additional Context)
Config
System Info
Additional context
Bug 1:
ofscraper/utils/system/network.pyline ~33 performs a GET requestto
/api/decrypt, which only accepts POST, so it always returns non-200and incorrectly triggers the red warning.
Fix:
Bug 2:
ofscraper/commands/scraper/actions/download/utils/keyhelpers.pyline ~121 serializes headers with
json.dumps(), producing double-quoted JSON.cdrm-project.com parses this field with Python's
ast.literal_eval, whichrequires single-quoted Python dict syntax, causing all decryption requests
to fail with "An error occurred getting headers".
Bandaid fix (restores functionality with cdrm-project.com):
Note:
str()is not a general solution and may break other endpoints.The proper fix should handle serialization per-endpoint, since other CDM
services may expect standard JSON. The root issue is that cdrm-project.com
uses
ast.literal_evalinstead of standard JSON parsing for theheadersfield.