Thank you, Yawning! This looks great. :) I think Kate was planning on writing up an official position of the Tor project on the CloudFlare situation. Amongst other things, it's expected to contain several strong arguments for convincing sites that the CAPTCHA does them no good and to make their CloudFlare configuration more Tor friendly. Or simply use another CDN like Akamai. After that appears, one could add a mailto: link alongside the cfc button, so that users could easily start a dialog with the site where they encounter a CloudFlare CAPTCHA. A mailto: link can have email header and body information like mailto:..@..?subject=Unreachable from Tor due to CloudFlare CAPTCA&body=.. And the body could contain some text derived from whatever Kate writes. In principle, the mailto: link's destination could determine the site's contact information from whois : https://stackoverflow.com/questions/8435678/whois-with-javascript If that's annoying, then simply placing a unix command like "whois [site] | grep Email" into the body along with some explanation should suffice. It's easy enough to do all this with a shell script of course, but if cfc moves towards many people using it then maybe encouraging people to email sites will help. Jeff On Wed, 2016-03-23 at 11:00 +0000, Yawning Angel wrote: > [I hate replying to myself.] > > On Wed, 23 Mar 2016 09:15:36 +0000 > Yawning Angel <yawning@xxxxxxxxxxxxxxx> wrote: > > My "proof of concept" tech demo is what I consider good enough for > > use by brave people that aren't me, so I have put up an XPI package > > at: https://people.torproject.org/~yawning/volatile/cfc-20160323/ > > I noticed some dumb bugs and UI issues in the version I pushed so I > changed a lot of things and uploaded a new version that should be > better behaved. In particular: > > * It is now Content Script based, and does IPC so it may survive the > transition to sandboxed/multiprocess firefox better. > > * It will always inject a button into the DOM instead of trying to > display browser UI stuff (content scripts are supposed to have > isolation...). > > * The UI selection pref is removed. > > * The ask on captcha option for behavior is removed, since a button > always will be there to bypass it. > > * Loading lots of pages that end up displaying street signs *should* > now behave correctly. > > The old release is under `./old` for posterity. > > Sorry for the inconvenience, > > _______________________________________________ > tor-dev mailing list > tor-dev@xxxxxxxxxxxxxxxxxxxx > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev