Open reallytiredofclowns opened 8 months ago
This could be possible. Though I believe it would case of once we block a user the fingerprint is added to a list that is blocked. A main issue with implementing this though would be privacy as we would need to store the fingerprint anyways to tie it back to a specific user/person.
Something like this maybe (just a same demo idea)
// getIP extracts the IP address of the client from the request
func getIP(r *http.Request) string {
// Standard proxy forwarding header
forwarded := r.Header.Get("X-Forwarded-For")
if forwarded != "" {
return strings.Split(forwarded, ",")[0] // return the first IP if multiple are present
}
return strings.Split(r.RemoteAddr, ":")[0] // fallback to direct connection IP
}
// browserFingerprint generates a unique identifier for a user based on their browser details
func browserFingerprint(r *http.Request) string {
userAgent := r.UserAgent()
acceptLang := r.Header.Get("Accept-Language")
encoding := r.Header.Get("Accept-Encoding")
ip := getIP(r)
// Combine the collected details to form a unique identifier
rawIdentifier := fmt.Sprintf("%s|%s|%s|%s", userAgent, acceptLang, encoding, ip)
// Hash the combined string using SHA-256 for a consistent, anonymized identifier
hasher := sha256.New()
hasher.Write([]byte(rawIdentifier))
hashedIdentifier := hex.EncodeToString(hasher.Sum(nil))
return hashedIdentifier
}
I don't think having the IP address as a part of the hash is helpful in this particular case, as the user in question is apparently hopping IPs like crazy. But the general idea is interesting.
Ah, then that tends to make it harder. Either way, they could just spoof a new browser which is pretty easy
Does anyone have any expertise with fingerprinting? Related to the suggestion with IP banning, I know Reddit does implement some sort of procedure to help detect ban evasion. This might help with the recurring !@#$-disturber on Discuit.
Here is an overview article of fingerprinting that I found fairly comprehensible, as someone completely new to the idea.