I have worked around Youtube's latest obfuscation. You can again download all videos and playlists with my youtubedown
script and bookmarklet.
Let me know if you find any that still don't work.
Great googly-moogly, that was a pain in the ass!
There's a get_video_info that tells you the URLs for the various resolutions of video data of a Youtube clip, in JSON form. Back in 2012, they changed it so that you had to take the provided "sig=" parameter and append it to the video URL before it would work. This signature appears to be a hash of some of the parameters to the URL (similar to what OAuth does) and the video-data URLs give you a 403 without it.
Within the last few months, they've started rolling out a new glitch where sometimes the signature (which is now "s=" instead of "sig=") is tagged with "use_cipher_signature", and... it's enciphered. Just enciphered. No actual crypto: simply a character-position-swapping cipher! These enciphered sigs come in lengths from 82 to 88 bytes, and you have to re-order and drop characters in particular ways to get them down to the 81-byte original signature. Each length seems to have a different algorithm, unless there's an overarching pattern that I haven't spotted.
It's purely security-through-obscurity! What a dick move.
What is this I don't even.
For laughs, check out the decipher_sig() function.
Now I have to wait for Miro to play catch-up and deploy a similar fix. I'm not holding my breath, because they still haven't released even a nightly build that includes the fix for downloading restricted Vimeo videos that I explained to them over a year ago. Sigh.