Warning: this is a super hacky proof of concept project that contains a lot of dirty and badly written code, but hey, it works for me.
Facebook has a tool in settings page, it can bulk modify post privacy settings for old posts, the tool is called "Limit old posts".
However, the tool can only modify posts that are shared with "Public" or "Friends of friends". So my script attempts to solve this problem.
Facebook Graph API does not offer a way to modify post privacy settings, so my script needs you to steal cookies from a logged in browser, and send resuests emulating the browser to modify post privacy settings.
This script first uses Graph API to grab all post ID's from a specific timeframe, then emulate browser requests to each of them.
However, I found that the wacky Graph API /user_id/posts endpoint does not actually show all posts, so there needs to be another way to grab all post IDs.
TOKEN
: a valid Facebook OAuth client token that is authorized to read your own timeline, you can go to Facebook Graph API Explorer, authorize it, and copy its token here.
privacy_setting
: target privacy setting you wish to set. You can use 286958161406148
for "Only me". To use other values, open your browser developer console's network tab, then change privacy setting to what you want (Friends, Public, Custom list, etc) for an arbitrary post, monitor the dev console for xhr POST request to /privacy/selector/update/
, inside the request HTTP query strings, post_param
is the id for that privacy setting. Set this privacy_setting
to the privacy setting id you want to use.
BODY
: also from the request intercepted above, copy the request body here. It usually starts with __user=....
.
COOKIE
: steal cookies also from that intercepted request, you can find it in cookie
request header.
One way to grab all post IDs is:
-
Open your profile page on a browser
-
Find something small and heavy to keep your
End
key (Fn+Down
for Mac) pressed down -
Go to lunch
-
In the browser, save the page
-
Use the following command to get all post IDs that is on the saved HTML page:
egrep -oh 'top_level_post_id":"(\d+)"' Your_page.html | cut -c 31-45
-
Save post IDs to a file
post_ids
Then, process_from_ids.py
can read post IDs from that file and modify privacy settings for them.
Note: maybe later I can use Casperjs to grab the post IDs, maybe even get cookie by emulating login on Casperjs
AGPLv3