←back to thread

Anubis Works

(xeiaso.net)
313 points evacchi | 2 comments | 12 Apr 25 22:32 UTC | HN request time: 0.49s | source
Show context
tripdout ◴[12 Apr 25 22:52 UTC] No.43668552[source]
The bot detection takes 5 whole seconds to solve on my phone, wow.
replies(4): >>43668607 #>>43668678 #>>43668723 #>>43668824 #
Hakkin ◴[12 Apr 25 23:01 UTC] No.43668607[source]
Much better than infinite Cloudflare captcha loops.
replies(1): >>43668977 #
gruez ◴[13 Apr 25 00:15 UTC] No.43668977[source]
I've never had that, even with something like tor browser. You must be doing something extra suspicious like an user agent spoofer.
replies(3): >>43669011 #>>43669040 #>>43669198 #
praisewhitey ◴[13 Apr 25 01:07 UTC] No.43669198[source]
Firefox with Enhanced Tracking Protection turned on is enough to trigger it.
replies(2): >>43669228 #>>43670028 #
aaronmdjones ◴[13 Apr 25 04:12 UTC] No.43670028[source]
You need to whitelist challenges.cloudflare.com for third-party cookies.

If you don't do this, the third-party cookie blocking that strict Enhanced Tracking Protection enables will completely destroy your ability to access websites hosted behind CloudFlare, because it is impossible for CloudFlare to know that you have solved the CAPTCHA.

This is what causes the infinite CAPTCHA loops. It doesn't matter how many of them you solve, Firefox won't let CloudFlare make a note that you have solved it, and then when it reloads the page you obviously must have just tried to load the page again without solving it.

https://i.imgur.com/gMaq0Rx.png

replies(1): >>43671279 #
genewitch ◴[13 Apr 25 09:08 UTC] No.43671279[source]
You're telling me cloudflare has to store something on my computer to let them know I passed a captcha?

This sounds like "we only save hashed minutiae of your biometrics"

replies(3): >>43672849 #>>43672901 #>>43675330 #
1. gruez ◴[13 Apr 25 14:05 UTC] No.43672901[source]
>You're telling me cloudflare has to store something on my computer to let them know I passed a captcha?

You realize this is the same as session cookies, which are used on nearly every site, even those where you're not logging in?

>This sounds like "we only save hashed minutiae of your biometrics"

A randomly generated identifier is nowhere close to "hashed minutiae of your biometrics".

replies(1): >>43675361 #
2. genewitch ◴[13 Apr 25 19:52 UTC] No.43675361[source]
the idea that cloudflare doesn't know who i am without a cookie is insulting.