Cloudflare endless looping due fingerprinting #15039
Comments
ryanbr
added
webcompat/not-shields-related
|
cc: @pes10k |
|
I've reached out to CF to see if we can work things out with them. @ryanbr, could you follow up in the community thread and let them know that we're trying to work things out with Cloudflare? |
|
strange behaviour cloudflare has. Notorious things they are upto. In brave we trust. fix the internet it will. |
|
Cloudflare says they've addressed, and I can't reproduce this anymore (I was on Wednesday). I'm going to close, though if anyone is still seeing this issue, please reopen and let me know. Thanks! |
|
Hello I am the person who reported this issue (Tannerk08) I want to thank you guys for resolving this problem. It now is fixed and works! Thank you guys for all the time you put in to make Brave better for the people! |
|
Still happens on Android client. |
|
thank you for letting me know @dimon222 , let me loop back with Cloudflare and see if they have any more information. |
|
@dimon222 can you confirm whether you're using the default or aggressive level fingerprinting protections? |
|
|
|
I still have this issue, same as dimon222, I only get throught by allowing all fingerprints. I'm using it on Mac v1.22.71 |
|
@dimon222 and @leoschet , I was wondering if you each could let me know what UA string you're browsing with. Cloudflare has told me that would help them sort things out. If you need a convenient place to get your UA, https://www.whatismybrowser.com/detect/what-is-my-user-agent can be handy thanks for any help you can provide! |
|
Can confirm this. Happens across all Cloudflare DDoS protected sites, including Gitlab's signin page. Allowing all fingerprinting (or of course shields down) allows the CF check to pass. Cheers, |
|
Just to follow up here, I have an ongoing discussion with Cloudflare folks to sort this out. I hope to have more news to share shortly, but we're working on it aggressively |
|
Just another user reporting in. Having this issue on Linux client but disabling fingerprinting/shields doesn't fix it for me. |
|
Just to update everyone on the issue, we were able to sort out the issue with Cloudflare (its a collision between Brave's fingerprinting defenses and changes in upstream), and its fixed in brave/brave-core#8562. It should hit nightly in the next 24 hours There are also hot fixes being prepared for Beta and Stable too (see above), which should also land in the next 24 hours. Thanks very much again for everyone's help in reporting this and making sure it got sorted! |
|
Verified passed on Verified STR from description. Confirmed I was redirected as expected.
Verification passed on
Verification PASSED on
|
|
Verification passed on OnePlus 6T with Android 10 running 1.23.73 x64 build
Android.ARM.Cloudflare.Redirect.mp4Verification passed on Samsung Tab A with Android 10 running 1.23.73 x64 build
Android.TAB.Cloudflare.Redirect.mp4 |
|
Hi there, I've been having issues with Brave Browser (1.38.111) on Linux (Fedora Workstation 35 & 36) not being able to pass DDOS protection pages including Cloudflare's. After completing the Cloudflare CAPTCHA, a long delay precedes a 403 error in DevTools. This issue is not present using Brave on Windows, nor using Firefox on Linux. |
|
@pes10k, I typically have fingerprinting at default, but the issue persists even when Brave Shields are down. I'm not running a VPN nor using Tor mode. I originally thought it might be due to me visiting from Linux instead of Windows but, after installing Firefox on Fedora, I was able to get through the DDOS check. |
|
Thank you for the follow up information. Two more questions if you don't
mind:
1. If you feel comfortable sharing, what country / geo are you connecting
from?
2. If you feel comfortable sharing, what URL(s) are you seeing the issue on?
Thanks!
…On Fri, May 13, 2022 at 3:24 AM Kristopher James Kent < ***@***.***> wrote:
@pes10k <https://github.com/pes10k>, I typically have fingerprinting at
default, but the issue persists even when Brave Shields are down. I'm not
running a VPN nor using Tor mode. I originally thought it might be due to
me visiting from Linux instead of Windows but, after installing Firefox on
Fedora, I was able to get through the DDOS check.
—
Reply to this email directly, view it on GitHub
<#15039 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAASV3UGGAHOA5KFFFGTITDVJYGUFANCNFSM42EH2U7Q>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
My apologies for the slow reply, @pes10k. I'm connecting from the UK. I'd be happy to share the URLs I'm seeing the issue on, but it actually seems the issue has resolved. I recall that cloudflare.com itself inaccessible, but, I've just successfully accessed the website. In addition, a few minutes ago, https://sportsbikeshop.co.uk actually showed the DDOS protection screen for a second before redirecting successfully. Good news from a practicality standpoint, but perhaps not for issue reproduction! I shall get in touch, though, if I see it again. Thanks for your assistance with this. |
|
I have the same issue across all Cloudflare protected websites. |
|
are you connecting through a VPN or Tor mode? Are you in default shields configurations? If the answers are no, no and yes, @ryanbr may be able to help debug |
and others
Description
Visiting the
http://chaingames.io/caused an endless loop for the userSteps to Reproduce
http://chaingames.io/Actual result:
Expected result:
Allow cloudflare to work correct (redirect correctly, and not loop)
Reproduces how often:
I wasn't able to reproduce, was reported via the forums.
Brave version (brave://version info)
Version 1.22.70 Chromium: 89.0.4389.105 (Official Build) (x86_64)Version/Channel Information:
Other Additional Information:
Miscellaneous Information:
Reported here: https://community.brave.com/t/brave-browser-stuck-on-cloudflare-loop/224513/
I wasn't able to reproduce this, but logged ticket for followup/confirmation
The text was updated successfully, but these errors were encountered: