Closed Bug 1735193 Opened 3 years ago Closed 1 year ago

privacy.resistFingerprinting makes Cloudflare DDoS protection loop forever

Categories

(Core :: DOM: Security, defect, P3)

Firefox 94

RESOLVED WORKSFORME

People

(Reporter: tom_mozilla, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog])

Steps to reproduce:

  1. Enable privacy.resistFingerprinting in about:config.
  2. Navigate to https://www.tapatalk.com/groups/tapatalksupport/search.php.

Actual results:
A Cloudflare DDoS protection page appears. ("Checking your browser before accessing tapatalk.com. This process is automatic. Your browser will redirect to your requested content shortly.") The console displays a warning: "Cookie “cf_chl_seq_xxxxxxxxxxxxxxx” has been rejected because it is already expired." After several seconds, the page reloads, the console displays a 503 error, and the process repeats.

Expected results:
When privacy.resistFingerprinting is disabled, the Cloudflare DDoS protection page redirects to the Tapatalk search page as expected. The console displays other warnings, but not the 503 error or the "already expired" warning.

Reproduced on 94.0b4.

Upstream discussion:

https://community.cloudflare.com/t/firefox-resistfingerprinting-vs-cloudflare-challenge/306354

It can also be caused by setting dom.enable_resource_timing = false.

Severity: -- → S4
Priority: -- → P3
Whiteboard: [domsecurity-backlog]

Same here. My dom.enable_resource_timing is set to true. Even disabling all tracking protection/privacy stuff (i.e. set custom protection level in the regular Firefox settings and disable everything) and making sure privacy.resistFingerprinting is false doesn't seem to work.

Firefox 91.4.0esr in my case. Also happens for those hCaptcha "One more step" pages by the way, it simply reloads the page after submitting the challenge.

I believe we fixed this recently.

Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Resolution: --- → WORKSFORME