arkenfox / user.js

Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening
MIT License

arkenfox blocks HTML Meta refresh [solved: no it doesn't - check your VPN/proxy] #1782

Closed rriski closed 9 months ago

rriski commented 9 months ago

🟥 https://github.com/arkenfox/user.js/wiki/5.2-Troubleshooting

🟪 REQUIRED INFO

The OpenWRT admin page Luci uses the HTML Meta refresh to redirect requests from http://192.168.1.1 to http://192.168.1.1/cgi-bin/luci/. Here is the response:

curl -vvv http://192.168.1.1
*   Trying 192.168.1.1:80...
* Connected to 192.168.1.1 (192.168.1.1) port 80 (#0)
> GET / HTTP/1.1
> Host: 192.168.1.1
> User-Agent: curl/8.1.2
> Accept: */*
>
< HTTP/1.1 200 OK
< Connection: Keep-Alive
< Keep-Alive: timeout=20
< ETag: "150a-30c-64c665f3"
< Last-Modified: Sun, 30 Jul 2023 13:30:27 GMT
< Date: Sat, 09 Dec 2023 12:40:15 GMT
< Content-Type: text/html
< Content-Length: 780
<
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
        <head>
                <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
                <meta http-equiv="Pragma" content="no-cache" />
                <meta http-equiv="Expires" content="0" />
                <meta http-equiv="refresh" content="0; URL=cgi-bin/luci/" />
                <style type="text/css">
                        body { background: white; font-family: arial, helvetica, sans-serif; }
                        a { color: black; }

                        @media (prefers-color-scheme: dark) {
                                body { background: black; }
                                a { color: white; }
                        }
                </style>
        </head>
        <body>
                <a href="cgi-bin/luci/">LuCI - Lua Configuration Interface</a>
        </body>
</html>
* Connection #0 to host 192.168.1.1 left intact

The response uses http-equiv with content=0 to immediately refresh the page with the url URL=cgi-bin/luci/. However, the refresh doesn't happen and the admin page doesn't load. I have not been able to identify the setting that blocks this behavior. Any ideas what that setting might be?
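How a browser interprets the refresh value in the response above, as an added example that is not part of the original post or the arkenfox project: a simplified JavaScript version of the HTML standard's meta refresh parsing, where `parseMetaRefresh` is a hypothetical helper name. The resolved URL is the follow-up request to look for in the devtools Network tab.

```javascript
// Added example: simplified take on the HTML standard's meta refresh parsing.
// parseMetaRefresh is a hypothetical helper, not a browser or arkenfox API.
// Returns { delay, url } or null when the value is not a valid refresh.
function parseMetaRefresh(content, documentUrl) {
  const WS = "[\\t\\n\\f\\r ]*";
  let s = content.replace(new RegExp("^" + WS), "");

  // Delay: leading ASCII digits; a fractional part is accepted but ignored.
  const time = /^(\d*)([\d.]*)/.exec(s);
  if (time[1] === "" && !time[2].startsWith(".")) return null;
  const delay = time[1] === "" ? 0 : parseInt(time[1], 10);
  s = s.slice(time[0].length);

  // No URL part: refresh the current document.
  const self = { delay, url: new URL(documentUrl).href };
  if (s === "") return self;

  // The delay must be followed by whitespace and/or one ';' or ','.
  const sep = new RegExp("^" + WS + "[;,]?" + WS).exec(s);
  if (sep[0] === "") return null;
  s = s.slice(sep[0].length);
  if (s === "") return self;

  // Optional case-insensitive "url =" prefix, then optional quotes.
  s = s.replace(/^url[\t\n\f\r ]*=[\t\n\f\r ]*/i, "");
  if (s[0] === "'" || s[0] === '"') {
    const quote = s[0];
    s = s.slice(1);
    const end = s.indexOf(quote);
    if (end !== -1) s = s.slice(0, end);
  }

  // Resolve the target relative to the URL of the page carrying the tag.
  try {
    return { delay, url: new URL(s, documentUrl).href };
  } catch (e) {
    return null; // unparsable target: no navigation
  }
}

// Value and page URL taken from the curl output above.
const luci = parseMetaRefresh("0; URL=cgi-bin/luci/", "http://192.168.1.1/");
console.log(luci);
```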


rusty-snake commented 9 months ago

The setting would be accessibility.blockautorefresh but it is not altered by AF.

Your STR reads as follows to me: "I made sure it is caused by AF", "I assume the issue is not following the meta-refresh". Can you step back and make sure that the first request gets sent and a meta-refresh response comes back, using the Network tab in the devtools?

rriski commented 9 months ago

> The setting would be accessibility.blockautorefresh but it is not altered by AF.
>
> Your STR reads as follows to me: "I made sure it is caused by AF", "I assume the issue is not following the meta-refresh". Can you step back and make sure that the first request gets sent and a meta-refresh response comes back, using the Network tab in the devtools?

accessibility.blockautorefresh and services.sync.prefs.sync.accessibility.blockautorefresh are both false. Looking at the network tab, it looks like the request never even receives a response. My overrides are:

user_pref("browser.safebrowsing.downloads.remote.enabled", true); // Enable download lookups to Google Safe Browsing
user_pref("privacy.clearOnShutdown.history", false); // Don't clear browsing and download history on shutdown
user_pref("privacy.resistFingerprinting.letterboxing", false); // Don't use dynamic margin on websites
user_pref("network.http.referer.XOriginPolicy", 0);

Any ideas on how to debug what could be blocking the response? Works fine on a non-arkenfox profile, other browsers and curl.

rriski commented 9 months ago

Worked it out, was related to VPN proxy config. Disconnecting the SOCKS proxy to Mullvad fixed the issue. Closing.