win32ss / supermium

Chromium fork for Windows XP/2003 and up
https://win32subsystem.live/supermium/
BSD 3-Clause "New" or "Revised" License

Windows XP: Cloudflare - endless download cycle #797

Open xixhub opened 3 weeks ago

xixhub commented 3 weeks ago

For about 2 weeks now I've been having problems accessing sites with Cloudflare protection. There is an infinite loading cycle, but only on Windows XP. On Windows 7 everything works: the checkout is normal. Does anyone else have similar problems?

Windows XP SP3, Supermium_x86 124.0.6367.245 / 122.0.6261.152

For tests: https://2captcha.com/demo/cloudflare-turnstile https://www.inbox.lv/


win32ss commented 3 weeks ago

Possible UACH discrimination issue. That's why Supermium will soon default to identifying as Google Chrome 128 running on Windows 11.

XakerTwo commented 3 weeks ago

OFFTOP: and that is how the usage stats of various Win versions, based on the browser's info, are falsified: no support and substitution of some info, starting from v101/107 (but at the same time such substitution can "secure" from well dumb targeted attacks, and reduce fingerprinting and discrimination like the above)

Stepman123 commented 3 weeks ago

> Possible UACH discrimination issue.

This is unlikely. These checks pass normally as always. With the original user agent.

UA

XakerTwo commented 3 weeks ago

hm... can confirm that it is not a CH issue. On Win XP SP2 x64 at least two errors come up that are not present on Win 7 SP1 x64

side-by-side XP and Win7 with swapped UA and UACH

![CFC_WinXP_Win7](https://github.com/user-attachments/assets/93e8ace3-0967-4c0c-aa77-1a9174bd41cc)

yep there local rofl

and the second (actually first) error that happens before manual confirming

![CFC_err300030](https://github.com/user-attachments/assets/255ab757-959c-4a0a-835a-436418557af1)

Vangelis66 commented 3 weeks ago

... My OS is Windows Vista SP2 32-bit;

On a Sm-122-r6 fresh profile (all settings and flags at default values, no extra extensions), I can easily pass both CF checks below: https://2captcha.com/demo/cloudflare-turnstile-challenge https://www.inbox.lv/

On my Sm-122-r6 "dirty" profile (a plethora of customised GUI settings, cmdline switches, internal flags, plus a number of installed extensions), I can finally pass those two CF tests above with greater difficulty and only after disabling certain privacy/security related extensions, e.g.

Canvas Fingerprint Defender, Decentraleyes, Font Fingerprint Defender, I don't care about cookies, Privacy Badger, Simple Privacy Settings, uBlock Origin (development build), possibly even some Violentmonkey userscripts...

But a certain NSFW website, https://rule34hentai.net/ will refuse to come through, either in a Sm-122-r6 pristine new profile or in an old "dirty" one :rage: ...

The CH "profile" of my Sm-122-r6 copy is shown below:

Sm122-CH

Moving on to Sm-124-final and in a minimal profile with just uBO-dev installed, the first two CF challenges are successfully passed quite easily :+1: , but when trying to load the NSFW site linked previously, I finally managed to pass its CF check (but not right away and only after I ticked the "verify you're human" box) ... The CH "profile" of my Sm-124 copy is:

Sm124-CH

  1. It's absolutely outrageous that CF has become the gatekeeper of the internet, dictating how (OS, browser brand, browser version) one can access sites behind it - this is certainly material for the EFF and many more institutions...
  2. It has become apparent to me that the inability to pass through CF protection is not a "one-size-fits-all" issue, this is controlled by a multitude of factors (even unique to different browser profiles of the same browser brand/major version) ...
  3. While ClientHints are suspected as being the major villain here (and the subject of ad nauseam speculations on a dedicated MSFN thread), can the real experts here decide why Sm-124 can pass the CF check at *hentai* while Sm-122 simply won't? Is it plain User-Agent-String, ClientHints or Javascript/CSS-engines related?

Thanks for any insight (BTW, that NSFW site was cited as non-functioning in another community, I simply use it here as one of the "difficult" cases; probably more exist :disappointed: ) ...

SampeiNihira commented 3 weeks ago

@Vangelis66

Unfortunately, I cannot do the test with your Operating System.

I would be very interested if this extension (you should use only this extension and not combine it with the others you use) solves your problem:

https://jshelter.org/

Obviously MV3 has reduced performance.

XakerTwo commented 3 weeks ago

After looking at Vangelis66's screenshots I notice that his (and my) JS part is not fully spoofed - browser version and platform from the JS CHs differ from the UA. Now, if I'm correct, I have spoofed all possible places, and even whatismybrowser stopped telling me that I look like Gecko while impersonating Chrome, plus running on Win 0.6.0 or Win NT (just NT). And the Cloudflare demo from the first post is passed as well while I impersonate my browser as 122.0.0.0 on Win XP x64 aka Srv 2003 and even XP x32

Chrome 122 @ Win XP x32 (impersonated, the real system is Win 7 x64) ![image](https://github.com/user-attachments/assets/39474751-c9f9-4daf-a009-af120fe383aa)

so the real cause is probably disordered and inconsistent info in the CHs of JS, headers and UserAgent (window.navigator.userAgent and window.navigator.appVersion) that may trigger some protection mechanisms

but on XP (with no extensions and on a clean profile) there were some errors in the browser console, so I will check it later with correct spoofing, and if that does not solve the issue - assume there are some issues on the browser side on a specific OS

UPD: XP x64 SP2 on VMWare - failed even with correct spoofing via extension :disappointed: ...work over the webworkers... :trollface: BTW, errors 6000?? and 3000?? are related to bot-like looking, according to CF docs, plus their captcha doesn't like it when the size of the window and the page don't match (devtools in same window)

P.S. Now I'm thinking about my own extension to do all that in one place instead of two extensions plus TM for the JS part...
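The mismatch described in the comment above (request-header Client Hints, JS-side Client Hints and the User-Agent string disagreeing) can be checked mechanically. This is an added example, not part of the thread or of Supermium's code; the function names and both sample clients are constructed for illustration.

```javascript
// Parse a Sec-CH-UA style brand list into a Map of brand -> major version.
function parseBrandList(header) {
  const brands = new Map();
  const re = /"((?:[^"\\]|\\.)*)"\s*;\s*v="([^"]*)"/g;
  for (const m of (header || "").matchAll(re)) brands.set(m[1], m[2]);
  return brands;
}

// Major version taken from the Chrome/NNN token of a User-Agent string.
function chromeMajor(ua) {
  const m = /Chrome\/(\d+)/.exec(ua || "");
  return m ? m[1] : null;
}

// Compare the three places named in the comment: request headers,
// navigator.userAgent / appVersion, and navigator.userAgentData.
function findMismatches({ headers, js }) {
  const out = [];
  const uaHeader = headers["user-agent"];
  if (uaHeader !== js.userAgent) out.push("header UA != navigator.userAgent");
  if ("Mozilla/" + js.appVersion !== js.userAgent)
    out.push("navigator.appVersion != navigator.userAgent");
  const hdrChromium = parseBrandList(headers["sec-ch-ua"]).get("Chromium");
  const jsBrand = (js.userAgentData.brands || []).find(b => b.brand === "Chromium");
  if (hdrChromium !== chromeMajor(uaHeader)) out.push("Sec-CH-UA version != UA version");
  if ((jsBrand && jsBrand.version) !== hdrChromium)
    out.push("userAgentData.brands != Sec-CH-UA");
  const hdrPlatform = (headers["sec-ch-ua-platform"] || "").replace(/"/g, "");
  if (hdrPlatform !== js.userAgentData.platform)
    out.push("userAgentData.platform != Sec-CH-UA-Platform");
  return out;
}

// Constructed sample values (not captured from a real browser).
const UA = "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36";
const consistent = {
  headers: { "user-agent": UA, "sec-ch-ua-platform": '"Windows"',
             "sec-ch-ua": '"Chromium";v="122", "Not(A:Brand";v="24"' },
  js: { userAgent: UA, appVersion: UA.slice("Mozilla/".length),
        userAgentData: { platform: "Windows", brands: [{ brand: "Chromium", version: "122" }] } },
};
// Headers and UA string overridden, JS-side hints left at another version.
const partial = { headers: consistent.headers, js: { ...consistent.js,
  userAgentData: { platform: "Windows", brands: [{ brand: "Chromium", version: "124" }] } } };

console.log(findMismatches(consistent), findMismatches(partial));
```
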

xixhub commented 2 weeks ago

Anyway, here's the deal: on a freshly installed Windows XP SP3, no problems with Cloudflare! (I was not lazy and installed it on a different hard disk.) So, the problem seems to be in the dirtiness of the system (although I did nothing special, except for updating the driver for the network card).

And one more important note: all old Firefox-based browsers (Palemoon, Serpent, Mypal) pass Cloudflare check for WindowsXP. I have the problem only on chrome-like browsers (Supermium, Thorium, 360Extreme Explorer).

But reinstalling the system on my main computer because of this - no desire.

Maybe Cloudflare will die soon, or at least give the opportunity to manually fill in captcha, as in all normal protection services. Well, somehow...

Marek33 commented 2 weeks ago

> Possible UACH discrimination issue. That's why Supermium will soon default to identifying as Google Chrome 128 running on Windows 11.

Please don't change the user agent to Windows 11, since Windows 10 still has twice as many users: https://gs.statcounter.com/os-version-market-share/windows/desktop/worldwide Plus, I don't see any reason that if Supermium showed Win11 instead of Win10, it would change anything.

Vangelis66 commented 2 weeks ago

> And one more important note: all old Firefox-based browsers (Palemoon, Serpent, Mypal) pass Cloudflare check for WindowsXP. I have the problem only on chrome-like browsers (Supermium, Thorium, 360Extreme Explorer).

... That's probably because these forks do NOT support at all the Client Hints API :stuck_out_tongue_winking_eye: ; only relatively recent Chromium versions do...

XakerTwo commented 2 weeks ago

As for 124 R2, the only CH that is not sent yet is FormFactor; the rest is due to config/flags. Even Arch and WoW-ness are sent