NotHereToPlayGames Posted August 5, 2024 Posted August 5, 2024 4 minutes ago, Dixel said: https://github.com/win32ss/supermium/issues/779 I know you were not directing that to me. But as for me, yes, I did see that. But I hold no credence whatsoever in that "report" until the web site being cited is PUBLICLY DISCLOSED. I've not yet witnessed any "login denial" based on ClientHint "data" !!! !!! !!! I have witnessed "Please update your browser" banners that do go away when the ClientHint "data" is SPOOFED. But I was still able to create an account and login WITHOUT spoofing my ClientHint "data". I personally want to WITNESS THIS FOR MYSELF. Claims of it happening without providing a PUBLICLY DISCLOSED web site where I can WITNESS IT FOR MYSELF is essentially USELESS to me (and you). Without a publicly disclosed web site where each and every one of us can WITNESS the claimed theory, then it's nothing but "hype and propaganda". Please do not misread, I'm not trying to play both sides, I'm honestly not. I do spoof Client Hints via Proxomitron. But I've NEVER witnessed a "login denial" and I would like to WITNESS ONE.
Sampei.Nihira Posted August 5, 2024 Posted August 5, 2024 20 minutes ago, Dixel said: Thanks for your opinion, unfortunately people wouldn't agree, and one the cases is documented here. probably you didn't see it yet. https://github.com/win32ss/supermium/issues/779 It is not an opinion it is a lesson. To forge client hints from the browser development tools, you must first disable the default UA. So you have 2 options to follow recommended by me. And 1 option recommended by @NotHereToPlayGames Your choice.
NotHereToPlayGames Posted August 5, 2024 Posted August 5, 2024 8 minutes ago, Dixel said: I'm looking for a simple solution like modifying headers on the fly and make them switchable from presets That's EXACTLY what Proxomitron does! But sure, we'll see if alternative solutions present themselves. I know you were following the discussion between D.Draker and I where I showed him screencaps of Proxomitron spoofing Client Hints. It CAN be done. Just how much that does or does not affect the end user's "privacy" is up for debate. But if you want to know if it can be done, the answer is YES. I'll sit back now and see if alternative solutions come forth.
D.Draker Posted August 6, 2024 Posted August 6, 2024 On 8/5/2024 at 3:57 AM, Sampei.Nihira said: This is a false problem. No, it's not. "I will change the default for Sec-Ch-Ua to "Google Chrome". I think this may also help with some other website compatibility issues and reduce the fingerprinting surface of Supermium. And also introduce the option from ungoogled-chromium to disable UACH altogether, as well as options to report as Windows 11, iOS 17, Android latest version or macOS 15." https://github.com/win32ss/supermium/issues/779#issuecomment-2269497358 4
D.Draker Posted August 6, 2024 Posted August 6, 2024 On 8/5/2024 at 8:07 AM, NotHereToPlayGames said: what Proxomitron does! Can I use my proxy servers (paid, encrypted with a pass) for downloading from insta with it? Those proxies need to be changed via script 'cause insta blocks IPs after a couple dozens of pics were downloaded. I'm scrapping accounts with sports food. 3
Sampei.Nihira Posted August 6, 2024 Posted August 6, 2024 If you do not want to use the recommended options,you just have to wait.
D.Draker Posted August 6, 2024 Posted August 6, 2024 16 hours ago, Sampei.Nihira said: If you do not want to use the recommended options,you just have to wait. I don't use Supermium, I use this browser, so nothing to "wait" for. https://msfn.org/board/topic/186346-i-moved-to-centbrowser-i-feel-happy-about-it/ 4
Saxon Posted August 12, 2024 Posted August 12, 2024 We are doomed: "Unfortunately there are issues passing the site-specific UACH override to the renderer (specifically, the URL information that is available at HTTP header creation is not available at renderer creation), which means that it is only reliable for UACH information transferred by the HTTP header and not by JavaScript. With this in mind, I can only implement one default override." https://github.com/win32ss/supermium/issues/779#issuecomment-2282871131 1
Saxon Posted August 12, 2024 Posted August 12, 2024 @VistaLover, why won't you ask win32 to reimplement the flag from the ready made Ungoogled patch? 1
VistaLover Posted August 14, 2024 Posted August 14, 2024 On 8/12/2024 at 8:23 PM, Saxon said: ask win32 to reimplement the flag from the ready made Ungoogled patch? ... The Supermium author notified that the "old" --disable-features=UserAgentClientHint cmdline switch will be applicable to his next release, either a third (and final) M124-based one, or the first of an M126-based series (Chromium 126 ESR branch): https://github.com/win32ss/supermium/issues/779#issuecomment-2282969891 https://github.com/win32ss/supermium/issues/779#issuecomment-2287764156 1
Dixel Posted August 17, 2024 Author Posted August 17, 2024 A good example of how Client Hints "give up" the OS you're on, thus blocking you on Cloudfare. https://github.com/win32ss/supermium/issues/797 4
NotHereToPlayGames Posted August 17, 2024 Posted August 17, 2024 I would look at SSL Certificate in that example. It doesn't appear to be related to Client Hints.
Dixel Posted August 17, 2024 Author Posted August 17, 2024 11 hours ago, NotHereToPlayGames said: I would look at SSL Certificate in that example. It doesn't appear to be related to Client Hints. How then you explain it works on Win7? 4
Dixel Posted August 17, 2024 Author Posted August 17, 2024 I can't even test the captcha, on Vista it blocks me immediately, that said, I'm certain it wants to see the "good" CH result. Why? Because if I block CH via --disable-features=UserAgentClientHint, I immediately get the same result on 7, too! 3
NotHereToPlayGames Posted August 17, 2024 Posted August 17, 2024 29 minutes ago, Dixel said: How then you explain it works on Win7? Because the OP specifically cited XP and we get these all the time. XP users keep forgetting that XP cannot do "elliptic curve".
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now