search

rmcauley / rainwave

Rainwave Site and Radio Controller
http://rainwave.cc
GNU General Public License v2.0
193 stars 38 forks source link

Cloudflare CAPTCHA served to curl clients #158

Open JeremyRand opened 3 years ago

JeremyRand commented 3 years ago

Steps to reproduce

  1. Run curl https://rainwave.cc/tune_in/5.ogg.m3u via Tor.

Expected results

The playlist should be displayed.

Observed results

The HTML source for a Cloudflare CAPTCHA is displayed.

Other notes

This is most likely due to a misconfiguration on your Cloudflare account. Cloudflare's default Tor behavior is to serve a CAPTCHA to users whose HTTP client isn't Tor Browser. This default may make sense for HTML content that will not be downloaded, but for servers that serve downloads that might be retrieved via wget or curl (e.g. .m3u files), that default will be problematic. You can fix this by setting the whitelisting level to Essentially Off for the T1 country code in Cloudflare's UI for the rainwave.cc domain.

rmcauley commented 3 years ago

These days I'm thinking we don't even need CloudFlare anymore and may turn it off entirely in the future.

You can work around CF easily by accessing core.rainwave.cc/tune_in/5.ogg.m3u - that DNS entry is not routed through CF. Is that an acceptable workaround?