Cloudflare protected websites do not load properly with Tor proxy
Categories
(Core :: Networking: HTTP, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr60 | --- | unaffected |
firefox67 | --- | wontfix |
firefox67.0.1 | --- | wontfix |
firefox68 | --- | wontfix |
firefox69 | --- | fix-optional |
firefox70 | --- | fix-optional |
People
(Reporter: ke5trel, Unassigned)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: regression, Whiteboard: [tor])
Attachments
(3 files)
Based on a reddit user report:
https://www.reddit.com/r/firefox/comments/c1n9xn/weird_403_issue_with_firefox_tor_and_cloudflare/
STR:
- Install Tor proxy service (eg
sudo apt install tor
). - Change Firefox proxy settings to use Tor (SOCKS
localhost:9050
). - Visit a Cloudflare protected website (examples given were gab.com and aznudes.com (NSFW)).
Expected:
Cloudflare protected website shows a challenge page asking for Captcha and on success the website loads completely.
One more step
Please complete the security check to access example.com
Actual:
Challenge page does not appear, website loads but content like posts and images are missing.
Regression window:
https://hg.mozilla.org/integration/mozilla-inbound/pushloghtml?fromchange=1760e005cecc1f7eedd1e6e4c022d73375d12327&tochange=2a7dce7a42ea0527694c978e98d9af1687aecb36
Regressed by Bug 1417463.
Updated•5 years ago
|
Comment 1•5 years ago
|
||
I can't reproduce here.
IMO it would be WONTFIX if this is an issue caused by following spec.
I'd like to make sure if it's all about the Accept
header.
Kestrel, could you test by click this link https://gab.com/ to see if the challenge page still appears?
We keep the same Accept
for navigation.
cc :baku who might have some insight of Accept
change.
(In reply to Junior [:junior] from comment #1)
could you test by click this link https://gab.com/ to see if the challenge page still appears?
The challenge page does not appear when following the provided link so the site is still broken (posts are missing).
The reddit user mentioned Chrome does not have this issue and I can confirm that it works there using Tor proxy.
chromium --proxy-server="socks5://localhost:9050" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost"
Comment 3•5 years ago
|
||
Could you make a http log to move forward?
https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging
Thanks.
(In reply to Junior [:junior] from comment #3)
Could you make a http log to move forward?
These http logs are immediately before and after the regression.
Comment 5•5 years ago
|
||
The only difference between the Request headers is :
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
and they got different response.
Updated•5 years ago
|
Updated•3 years ago
|
Description
•