FF 133.0.3 (64bit)
OSX 13.6 Ventura
Am having trouble reliably accessing any site that uses Cloudflare.
No extensions are installed, no UA switching.
Have tried:
D… (gụkwuo)
FF 133.0.3 (64bit)
OSX 13.6 Ventura
Am having trouble reliably accessing any site that uses Cloudflare.
No extensions are installed, no UA switching.
Have tried:
- Default settings as well as purposefully turning various settings "off", both with existing and brand new profiles.
- Disabling "Enhanced tracking protection", but it does appears to be hard-coded "on" as it appears as "Enabled" when any new site is visited, even even though about:protections clearly states "Enhanced Tracking Protection: OFF".
- Multiple DNS providers (Google -> 8.8.8.8, 8.8.4.4), (OpenDNS -> 208.67.222.222, 208.67.220.220), (Cloudflare -> 1.1.1.1, 1.0.0.1)
The issue with Cloudflare is getting past its endless "Verify you are human" turnstyle checkbox. As stated above ETP is supposedly "off". Even went ahead and added "https://cloudflare.com" and "https://challenges.cloudflare.com" to the ETP exceptions list (which should be unneccesary as ETP is supposedly "off").
Though this ticket was a few years old, followed all steps from
https://support.mozilla.org/bm/questions/1273784
to no effect.
Double-checked:
Settings -> Privacy and Security:
ETP -> Custom -> ALL unchecked (cookies, Tracking Content, Cryptominers, Known fingerprinters, Suspected fingerprinters)
DNS over HTTPS -> Off
about:config:
network.cookie.cookieBehavior -> 0
privacy.socialtracking.block_cookies.enabled => false
privacy.trackingprotection.enabled
privacy.trackingprotection.pbmode.enabled
privacy.trackingprotection.cryptomining.enabled
privacy.trackingprotection.fingerprinting.enabled
Going to any site and clicking the protection "Heart" icon still shows enhanced tracking protection to be "Enabled" (though it should not be). On any Cloudflare site, selecting "Disabled" immediately brings up the "Verify you are human" checkbox ad infinitum.
Just for fun, inspected a page a couple of times (the new serenity.ai search engine), clearing cookies & cache each time, noting the network tab via inspect. The only thing that appeared to change was the value of a cookie, and cloudflare's Ray ID. Two responses were in error, a 403 and a 401:
Request Headers (403):
GET /search/new?q=pending&newFrontendContextUUID=4f32d4c2-d660-4ff0-9887-2a3aae266a9b HTTP/2
Host: www.perplexity.ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:133.0) Gecko/20100101 Firefox/133.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Referer: https://www.perplexity.ai/
Connection: keep-alive
Cookie: __cf_bm=DNF1kEWfzAVxab2PKJWFLyU0IXE4b5LNz.PIeoJOkOM-1734448407-1.0.1.1-cS8gMWSRlFpgYv_.cZdM9mQ9DGzIsHM9wFfeFHhXwA0zY1vtZPh0rn4dDiC63I.z.w93j4IcSXrQnpjOuNyM1w; AWSALB=lTKv0yx38yEkkWzEYB967kh1SykONJgcXE9Ge6jOe93Ty6rjgkH/Z3fBTxkSNUqRnXDgFFI+KYesnIBGiZH490IN/2pXP88ymp9yPPEyygVgD81friGNeJZgn45BTyocfNyYmsqEskUA+rHB0ltxa1YhhpxrUABoqY/udkHGsyL4vlSvuzYJ4MOWwWlS4g==; AWSALBCORS=lTKv0yx38yEkkWzEYB967kh1SykONJgcXE9Ge6jOe93Ty6rjgkH/Z3fBTxkSNUqRnXDgFFI+KYesnIBGiZH490IN/2pXP88ymp9yPPEyygVgD81friGNeJZgn45BTyocfNyYmsqEskUA+rHB0ltxa1YhhpxrUABoqY/udkHGsyL4vlSvuzYJ4MOWwWlS4g==; pplx.visitor-id=4bc3f08b-020e-439e-8e93-15f8b6af0f83; __cflb=02DiuDyvFMmK5p9jVbVnMNSKYZhUL9aGkVUmJ5FqcYiD2; _dd_s=rum=0&expire=1734449360079; cf_clearance=UZ9n6kS.QQutYN0gn.BNstdZs_YZ764L76SAZVNJPjk-1734448407-1.2.1.1-u9UM_ZNPiKyD4aznyWVe1SJiRAquh36ZYaCGE7Np4pK_beiYl.c4oV23VoufQ8xzQ72Z_Enav6x.H37HHoRduCFPk_BCdFRrpPi1qYVJmHbUmgqEcash1cfl9bMUkoimji9AgONyabWAOng7o4fvRcjRyf.HdQVDXij2eVr_zzxm1Yt484iGVG6cyelIgm.xkIAaHpnmiBlnJElUdeaH5ptdBjdprkgL6S9LmMq6cQSz1xYmef2gH7yyC.kkIcZypX7uazKwOnrpe3QJnJTN3YNG_8NddGw3UOdrU.3AWSTyVv7_TjskqV3GrvUImEISakVICmxuRDZ7v9xi5DdMwJ__ocBaSEghOpbpPAoYANE; next-auth.csrf-token=772ac4d1fe8dfdfc70db3336892bafe3e7738102b83aa8269663e3444d1a1aa6%7Cd4206f57d899feb21c14f1aff27d0ce596dfb06c928c52d7cda16f3dc9a52eec; next-auth.callback-url=https%3A%2F%2Fwww.perplexity.ai; __stripe_mid=d89f9abf-fdd8-4910-b012-9a0a1da2b3405fa7e8; __stripe_sid=b520bbae-1a2d-4363-9e2e-3f058998c945eff199; pplx.metadata={%22qc%22:1%2C%22qcu%22:0%2C%22qcm%22:0%2C%22qcc%22:0%2C%22qcd%22:0%2C%22hli%22:false%2C%22hcga%22:false%2C%22hcds%22:false%2C%22hso%22:false%2C%22hfo%22:false}
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Priority: u=0, i
TE: trailers
Response Headers (403):
HTTP/2 403
date: Tue, 17 Dec 2024 15:14:20 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Gdpf2G2P84icaUc9eXBrWRoMXFniOcc94+Rt+ymiXoU/cQYKq8+xzyEgik2f0RThFUI4k5JP9g+7skl51OBeTGu39RBCR7yL/tmwF/QGgJBjDwK3EIC0tYjHpE5BW4phtvO78Z9jG2iIgdkLyHJdhw==$aGNrRFcXEu22z86D/jnmkA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f37dcbbeae32e6a-DFW
content-encoding: gzip
X-Firefox-Spdy: h2
Fetch (403):
await fetch("https://www.perplexity.ai/search/new?q=pending&newFrontendContextUUID=9d97fef3-8197-4a4a-841f-690468857281", {
"credentials": "include",
"headers": {
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:133.0) Gecko/20100101 Firefox/133.0",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language": "en-US,en;q=0.5",
"Upgrade-Insecure-Requests": "1",
"Sec-Fetch-Dest": "document",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-Site": "same-origin",
"Sec-Fetch-User": "?1",
"Priority": "u=0, i"
},
"referrer": "https://www.perplexity.ai/",
"method": "GET",
"mode": "cors"
});
Request Headers (401):
GET /cdn-cgi/challenge-platform/h/b/pat/8f37dcbe4d1e2836/1734448460780/74c530203e547de34250ba4b3b0818fccad4eb8dceb870bebc84a25ac4424ca4/8ST9YViz3dffgoY HTTP/2
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:133.0) Gecko/20100101 Firefox/133.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/d8tib/0x4AAAAAAADnPIDROrmt1Wwj/dark/fbE/normal/auto/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=4
Cache-Control: max-age=0
TE: trailers
Response Headers (401):
HTTP/2 401
date: Tue, 17 Dec 2024 15:14:20 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gdMUwID5UfeNCULpLOwgY_MrU643OuHC-vISiWsRCTKQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIHTFMCA-VH3jQlC6SzsIGPzK1OuNzrhwvryEolrEQkykABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIHTFMCA-VH3jQlC6SzsIGPzK1OuNzrhwvryEolrEQkykABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAnjx4ES9FK_7HoOz2eOuAOLsLJohAAACh84h85AqhAgNOQHBXgzvaRlSVTWSxbxqMaM7_mzi_nXEX7uTPY4QjDPwxO1-MTMRr9MTdbId3v2KeXk7Utq2UL3Sqq1pUAFuYr5f3iNWvcUTPA2uQnM5rA2Y6y4ihqGeKzjo4Ws3RUng4UG_XpnH7TLtkaQT2lSlx1KW3HVmqe3s2nErL6VnmuSSy2fq44coBInPp7ynWCw8_3S_-dcI8a5go7lg2mavoCR40euH5CdnAunVSViDwmvWwAp-1utTaVRH5Js528pcl79qQZBn4JNqyILi_Ymqw1LSnr8eYgV1xj4dzW1hJqQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8f37dcc06f682836-DFW
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
Fetch (401):
await fetch("https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8f37e12ccc22e79a/1734448642308/b0f60510f953d7fa51138545e66632922718d191f21dd45996658b37e0dd46d0/BgNyxuJHfe5Ju1e", {
"credentials": "omit",
"headers": {
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:133.0) Gecko/20100101 Firefox/133.0",
"Accept": "*/*",
"Accept-Language": "en-US,en;q=0.5",
"Sec-Fetch-Dest": "empty",
"Sec-Fetch-Mode": "cors",
"Sec-Fetch-Site": "same-origin",
"Priority": "u=4",
"Cache-Control": "max-age=0"
},
"referrer": "https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/2iqu9/0x4AAAAAAADnPIDROrmt1Wwj/dark/fbE/normal/auto/",
"method": "GET",
"mode": "cors"
});
Had also reported this issue over at Cloudflare a while back; they were not very forthcoming as to why this behavior might be occurring. Often their own forum would get the endless turnstyle with FF.
Other browsers do not have this issue, and while I very much like Firefox, in recent releases it has become all but unusable where Cloudflare is concerned.
Please advise how to reliable get past Cloudflare's endless "Verify you are human" turnstyle.
Thanks!