[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #33010 [Metrics/Exit Scanner]: Monitor cloudflare captcha rate: do a periodic onionperf-like query to a cloudflare-hosted static site
#33010: Monitor cloudflare captcha rate: do a periodic onionperf-like query to a
cloudflare-hosted static site
----------------------------------+------------------------------
Reporter: arma | Owner: metrics-team
Type: task | Status: new
Priority: Medium | Milestone:
Component: Metrics/Exit Scanner | Version:
Severity: Normal | Resolution:
Keywords: network-health | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------+------------------------------
Comment (by cypherpunks):
There is also case where only subresource requests trigger captcha, but is
not displayed to user. This make sites break and no way for resolve
because user cannot see captcha!
Example site https://kiwiirc.com/nextclient/
Open network panel in dev tools and visit link. You will see that
javascript resources are 403 forbidden and require captcha, but this not
displayed to user. If you open 403 urls in url bar, is working without
problem. Difference is Accept header.
Only one thing worse than reCRAPtcha is invisible reCRAPtcha. At least
visible captcha I can solve and access site. Invisible captcha is just
access denied without telling you.
What is point of captcha if cannot be seen, cloudflare?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33010#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs