#33010: Monitor cloudflare captcha rate: do a periodic onionperf-like query to a
cloudflare-hosted static site
----------------------------------+------------------------------
Reporter: arma | Owner: metrics-team
Type: task | Status: new
Priority: Medium | Milestone:
Component: Metrics/Exit Scanner | Version:
Severity: Normal | Resolution:
Keywords: network-health | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------+------------------------------
Comment (by cypherpunks):
>One catch is that Cloudflare currently gives alt-svc headers in response
to fetches from Tor addresses. So that means we need a web client that can
follow alt-srv headers -- maybe we need a full Selenium like client?
Tor Browser does not upgrade immediately, so that's not too much reason to
use real web browser. However, Cloudflare is doing fingerprinting of TLS
handshake Client Hello (cipher suites and group in tls 1.3) to tell real
Tor Browser from spoofed. Must build curl from NSS and set correct headers
and cipher suites to pass.
Cloudflare have also different levels of protection, and some
grandfathered protection levels have no Tor Browser whitelisting. Should
test them all.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33010#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
