Jump to content

My Browser Builds (Part 3)


Recommended Posts

6 hours ago, VistaLover said:
On 9/8/2022 at 4:44 AM, AstroSkipper said:

The problem must have to do with a change in the browsers, either in the current or in an earlier release. Some weeks ago, everything was fine. Maybe, our browser experts have an idea. I do not have one at the moment. 

@roytam1, any clue on your side?

maybe because of this: https://repo.palemoon.org/MoonchildProductions/UXP/issues/1986

Link to comment
Share on other sites


33 minutes ago, roytam1 said:

@roytam1! Thanks for your assessment! Changes in the flex layout could really be a reason for the issue that the original values of the position properties don't work anymore in uBlock Origin's dashboard.css. :)

Kindest regards, AstroSkipper matrix.gif

Link to comment
Share on other sites

On 9/8/2022 at 1:24 PM, AstroSkipper said:

The more choice there is, the better! Your solution of creating a bookmark, I did many years ago. One bookmark of tons of others. In the moment you want to access this bookmark you have to find it, one of many, many others.

In the interest of choice, Serpent (Australis interface) offers yet another solution: open about:about in a tab, then pin the tab!

BTW, when using my pinned tab, I prefer to right-click, then open my chosen about: page in a new tab. That way I don't have to remember to go back to the previous page when I'm done.

Link to comment
Share on other sites

6 hours ago, Mathwiz said:

In the interest of choice, Serpent (Australis interface) offers yet another solution: open about:about in a tab, then pin the tab!

BTW, when using my pinned tab, I prefer to right-click, then open my chosen about: page in a new tab. That way I don't have to remember to go back to the previous page when I'm done.

Hello @Mathwiz! Thanks for the next alternative! You're right, the more, the better! Frankly, I never really used pinned tabs, but it sounds like a method that has a higher probability of accessing the about:about pages quickly in the event of a case. Speaking only for myself, I prefer the about:about button provided by the extension Toolbar Buttons, whose position I know exactly for accessing it without any delay.. But, I'll just try your solution to get to know the feature of a pinned tab, too. :yes: :)

Link to comment
Share on other sites

smilie_m_006.gif Hello again to all browser experts!

Although I am informed about roytam1 browsers' developments and read this thread regularly, I am not really clear whether one has to live with the following problem or whether there might be a solution via polyfill or otherwise. I wanted to book cinema tickets online at the following site: www.uci-kinowelt.de. My main browser is New Moon 28 (2022-09-10). The website itself can be opened, but a login is not possible due to an endless Cloudflare security check that never comes to an end. :realmad: I have read such problems here before. The spoofing of most recent user agents of Firefox or Chrome didn't help, either. :no: Is there any hope that such modern security checks will also be successful in New Moon 28, Serpent 52, and so on one day? :w00t: The only browser that successfully completes the security check is 360Crome v13, but what it opens doesn't look good, either. :no: In the end, I successfully booked my tickets on my Android tablet in the most recent version of Opera. jexplique.gif

Greetings from Germany, AstroSkipper surmene.gif

Edited by AstroSkipper
Update of content
Link to comment
Share on other sites

The mirror of latest BNavigator, Firefox 45ESR, IceApe, IceDove, K-Meleon 1.5.x/74/76, MailNews 52, New Moon 26.5/27/28 and Serpent 52/55 builds by @roytam1 has been updated -> soggi.org - tools.

changelog:
- added latest BNavigator 0.9 20220910 build
- added latest IceApe 52 20220910 build
- added latest IceDove 52 20220910 build
- added latest K-Meleon 76 20220910 build
- added latest MailNews 52 20220910 build
- added latest New Moon 27 20220910 builds
- added latest New Moon 28 20220910 builds
- added latest Serpent 52 20220910 builds
- added latest Serpent 55 20220910 builds

To don't lose track of things I want to update too someday...

todo:
- add various flash player versions
- add FlashFix for WinXP
- add VLC 2.2.8 (WinXP non-SSE2)
- add polyfill addons

kind regards
soggi

Link to comment
Share on other sites

@AstroSkipper

10 hours ago, AstroSkipper said:

www.uci-kinowelt.de. My main browser is New Moon 28 (2022-09-10).
The website itself can be opened, but a login is not possible
due to an endless Cloudflare security check that never comes to an end. :realmad:

When I clicked the Login button, I was redirected to
https://www.uci-kinowelt.de/meinuci/login
Within seconds, the "CF security check" kicked in...

D3WLAZc.jpg

As you can see, that test is intolerant of slow internet connections and slow computers (like yours and, to a lesser extent, mine... :realmad:)

After some 10sec or so, I got offered a hCaptcha challenge (probably because my CPU was too slow to solve complex mathematical functions :() :

biJ6SYK.jpg

Once I clicked the "I'm human" (in Greek) input field, the test continued for another 5sec, after which time I finally got "Connection is secure" outcome,

zSLshCk.jpg

and then I was presented with the log-in page:

q56QPLb.jpg

I could not test whether valid credentials worked from that point on, as, obviously, I didn't have any at my disposal :P ...

That was with my St52 build of [2022-08-06] (will update shortly, though...). FWIW, the successful result of the "CF-secure-connection" test (I'll call it a user ordeal :angry: ) has been saved locally in the form of a cookie named "cf_clearance", that will expire in exactly one year from its creation...

Edited by VistaLover
Link to comment
Share on other sites

8 hours ago, AstroSkipper said:

I wanted to book cinema tickets online at the following site: www.uci-kinowelt.de. My main browser is New Moon 28 (2022-09-10). The website itself can be opened, but a login is not possible due to an endless Cloudflare security check that never comes to an end. :realmad: I have read such problems here before. The spoofing of most recent user agents of Firefox or Chrome didn't help, either.

Seems to be another recurring issue. We last encountered it last May:

On 5/5/2022 at 6:40 PM, VistaLover said:

Well, things look gloomy, indeed... :(
I've read the following CF support article:

https://support.cloudflare.com/hc/en-us/articles/200170136#browser-support

and they plainly state: 

Quote

If you are already using a major web browser, make sure it is using the latest version.

Supported browsers

If your visitors are using an up-to-date version of a major browser — such as Chrome, Firefox, Safari, Microsoft Edge, Chrome and Safari on mobile — they will receive the challenge correctly.
...
If your visitors encounter issues using a major browser besides Internet Explorer, they should upgrade their browser.

Expand  

The "non-interactive JS challenge" GitLab are sending, as part of their CloudFlare protection, is meant to work on only the major villains, i.e. Chrome and "buddies" :realmad: ... That article was last modified a month ago, possibly the same time GL log-in became broken...

And it would seem that User-Agent-Sniffin' does play a role, in the initial detection at least, according to:

https://support.cloudflare.com/hc/en-us/articles/204191238-What-are-the-types-of-Threats-#bad-browser

Quote

Cloudflare's Browser Integrity Check looks for common HTTP headers abused most commonly by spammers and denies them access to your page. It will also challenge visitors that do not have a user agent or a non standard user agent (also commonly used by bots, crawlers, or visitors).

The problem from back then (May 5) was eventually resolved by NM 28.10.6a1:

On 5/26/2022 at 9:06 AM, GrandAdmiralThrawn said:

I just updated from New Moon 28.10.5a1 to 28.10.6a1 (64-bit on XP x64) and noticed it can now pass the Cloudflare browser check! This is reaaaally helpful for my partly web-based primary workflow, so if anything you did made this work, roytam1, you have my sincere thanks!

But, from @AstroSkipper's post, it looks like Cloudflare has "fixed" their challenge to once again block NM (probably official PM too).

AIUI, Cloudflare just out-and-out blocks certain user agents "abused most commonly by spammers," but if you spoof a modern browser (Chrome on my Android is up to version 105 now), Cloudflare will send Javascript that only a modern browser can pass.

What to do? Well, first, make sure it's not just a regression: download and try the previous NM version. If it works, report back here.

But that probably won't work. Next step is for someone to try official PM. If, as I suspect, it doesn't work there either, know that upstream will be working on it, so 28.10.7a1 will likely resolve the issue. (Not much comfort in the meantime, I realize.)

In the meantime, or if all else fails, your best option would be to find a UA that is neither "abused most commonly by spammers" (whatever that means) nor that of a modern browser, in the hopes that Cloudflare will then send you a CAPTCHA. You'd then have to solve an annoying CAPTCHA (and likely provide Google some unpaid labor) but at least you could sign in.

Edit: Well, once again, @VistaLover beat me to it, although I suspect he worked longer on his post than I did on mine!

Anyway, using Serpent 52 (and presumably its default UA) he did eventually receive the annoying CAPTCHA, which apparently he didn't have to solve manually. (Cloudflare may not like his PC, but Google was apparently satisfied that he wasn't a bot.)

BTW, does anyone besides me find it, well, just plain stupid that Cloudflare thinks you may be a bot if your PC is too slow? What would be the point of using a bot that's slower than a human anyway? If it's that slow, you could just pay some impoverished third-world resident to do the same work, and (s)he could solve all the CAPTCHAs your site could manage.

Edit 2: Or not - it just occurred to me that many of Google's CAPTCHAs are rather specific to modern Euro-American culture, so maybe a third-world resident couldn't solve them so easily; I don't know for sure....

Edited by Mathwiz
Link to comment
Share on other sites

Hello AstroSkipper,

when logging into  https://www.uci-kinowelt.de/meinuci/login

the following happens:

1. Checking if the site connection is secure

2. Login

3. I Accept  (now you have to click away that cookie button)

4. Mein UCI Login

5. I entered a fake e-mail adress & password

6. Bitte E-Mail und Passwort prüfen !

    (please check e-mail &  password)  

Basically the login process seems to be working.

Browser:

NM28sse (2022-09-10) with palefill@addons.martoks-place.de.xpi(palefill-1.20 ING)

 

Edited by anton12
Link to comment
Share on other sites

6 hours ago, Mathwiz said:

You'd then have to solve an annoying CAPTCHA (and likely provide Google some unpaid labor) but at least you could sign in.

6 hours ago, Mathwiz said:

he did eventually receive the annoying CAPTCHA, which apparently he didn't have to solve manually. (Cloudflare may not like his PC, but Google was apparently satisfied that he wasn't a bot.)

... In the interest of correctness ;) , what I did receive was NOT reCAPTCHA, but hCaptcha; the latter is NOT Google-owned (it's owned by Intuition Machines, Inc., whoever they may be :dubbio:... ) .

6 hours ago, Mathwiz said:

BTW, does anyone besides me find it, well, just plain stupid that Cloudflare thinks you may be a bot if your PC is too slow?

... Remember, I'm not a native English speaker :w00t: ... After re-reading CF's "tip" in the first screengrab of my previous post,

Quote

Did you know some signs of bot malware on your computer are
computer crashes, slow internet and a slow computer?

... I think what they're saying is: "Should you experience computer crashes, slow internet and slowness in your computer, these might be signs of a "bot malware" infestation" ... :P

Edited by VistaLover
Link to comment
Share on other sites

A slow Internet and/or computer can be signs of malware on your PC, including "bot malware" (by which I think they mean something like the infamous Back Orifice, intended for hackers to use your computer, by remote control, to secretly do things like attack other computers) or at least, a noticeable decrease in speed can be signs of such. (You, the user, would of course be best positioned to notice such a decrease. All Cloudflare can tell is that your computer/Internet connection are slower than it considers typical.)

But to be blunt, I think Cloudflare couldn't possibly care less whether your PC or mine has a malware infestation, unless said malware is being used to attack one of their paying clients, like @AstroSkipper's movie ticket site. The purpose of the "security check" is to protect their customer, not you. So I hope they presented that message merely as a courtesy while you waited for the final result of their "security check."

Of course, your browser didn't fail the check outright; CF ended up passing the question on to "hCAPTCHA" for a final determination. (BTW, "hCAPTCHA" is new to me. Well, at least they didn't rely on Google!) But even if your browser had been fast enough not to have received that message, I think you still would've gotten the CAPTCHA, unless CF's algorithm amounts to, "If this goes really fast, it couldn't possibly be a bot, so no reason for a CAPTCHA. But if it goes slowly, well, then 'bot malware' might be involved - better send a CAPTCHA just to be sure!"

In the unlikely case that this is CF's algorithm, I think it's a pretty stupid one, since the whole point of a bot is to do things faster than humans!

Link to comment
Share on other sites

@VistaLover, @Mathwiz, @NotHereToPlayGames, @anton12!
Thank you all for your investigations, advices, and tips! Yesterday I only had a little time. I just wanted to book cinema tickets quickly, and that was more of an odyssey on my old computer. Maybe, it was my own stupidity, I could have used my Android tablet directly. BTW, the movie "Top Gun - Maverick" was simply great! At home again, I opened the problematic website www.uci-kinowelt.de in Serpent 52 (2022-09-10), and it worked perfectly with a very fast and successful security check for my slow computer without any annoying captcha. That surprised me. Next, I opened it with a new profile in New Moon 28 (2022-09-10), and suddenly, what can I say, it worked there, too. Thanks @VistaLover and @anton12 for your confirmation! In both cases, palefill 1.20 was installed. I still have to investigate why the security check cannot be completed successfully in my main profile of NM 28. Unfortunately, the 360Chrome browsers were no help in this case. :no: I can say one thing with all clarity: I abysmally hate these sites with a so-called security check. :realmad:
fluch.gif

 Cheers, AstroSkipper expresssi.gif

Edited by AstroSkipper
Update of content
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...