[metrics-bugs] #33010 [Metrics/Exit Scanner]: Monitor cloudflare captcha rate: do a periodic onionperf-like query to a cloudflare-hosted static site
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jan 22 03:23:32 UTC 2020
#33010: Monitor cloudflare captcha rate: do a periodic onionperf-like query to a
cloudflare-hosted static site
----------------------------------+------------------------------
Reporter: arma | Owner: metrics-team
Type: task | Status: new
Priority: Medium | Milestone:
Component: Metrics/Exit Scanner | Version:
Severity: Normal | Resolution:
Keywords: network-health | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------+------------------------------
Comment (by cypherpunks):
There is also case where only subresource requests trigger captcha, but is
not displayed to user. This make sites break and no way for resolve
because user cannot see captcha!
Example site https://kiwiirc.com/nextclient/
Open network panel in dev tools and visit link. You will see that
javascript resources are 403 forbidden and require captcha, but this not
displayed to user. If you open 403 urls in url bar, is working without
problem. Difference is Accept header.
Only one thing worse than reCRAPtcha is invisible reCRAPtcha. At least
visible captcha I can solve and access site. Invisible captcha is just
access denied without telling you.
What is point of captcha if cannot be seen, cloudflare?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33010#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the metrics-bugs
mailing list