为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Cloudflare challenges only work in incognito (with all extensions)

  • 7 个回答
  • 0 人有此问题
  • 421 次查看
  • 最后回复者为 zeroknight

more options

I've been having an issue for a while now where the cloudflare challenges that ask you to click the check mark to "verify your connection is secure" would just endlessly ask me to click the button and never continue. Sometimes it would say to unblock access to challenges.cloudflare.com.

But if I a launch an incognito window I can visit website with the challenge and it won't even ask! I've added all my extensions to run in incognito mode and everything still works, I can visit the websites in incognito just fine. So the one changing variable is incognito vs non-incognito.

I can have two windows open, one incognito and one not, and browse to the same website and the non-incog window will fail but the incog will just go to the site.

I thought incognito was supposed to only affect the session storage? Does it silently change other things to the running environment of the browser (about:config options, slightly different extension configs)?

Anyone know why this small change would suddenly allow cloudflare challenges to work?

I've been having an issue for a while now where the cloudflare challenges that ask you to click the check mark to "verify your connection is secure" would just endlessly ask me to click the button and never continue. Sometimes it would say to unblock access to challenges.cloudflare.com. But if I a launch an incognito window I can visit website with the challenge and it won't even ask! I've added all my extensions to run in incognito mode and everything still works, I can visit the websites in incognito just fine. So the one changing variable is incognito vs non-incognito. I can have two windows open, one incognito and one not, and browse to the same website and the non-incog window will fail but the incog will just go to the site. I thought incognito was supposed to only affect the session storage? Does it silently change other things to the running environment of the browser (about:config options, slightly different extension configs)? Anyone know why this small change would suddenly allow cloudflare challenges to work?

被采纳的解决方案

After some testing with a local web server and disabling the extensions one-by-one, the problem one is the user-agent spoofer. It appears that even after specifically enabling it to run (and it does show in the toolbar) in incognito windows it actually just doesn't run at all. The HTTP user agent is the original when making requests.

Very strange behavior from this extension, and I did just see a review on it that said it just flat out breaks cloudflare. Looks like I will be uninstalling that.

定位到答案原位置 👍 4

所有回复 (7)

more options

The Multi-Account Containers extension does not work in private windows even with permission. Others may be similar so you should try disabling your extensions.

more options

zeroknight said

The Multi-Account Containers extension does not work in private windows even with permission. Others may be similar so you should try disabling your extensions.

The only extensions I have installed are ublock origin, umatrix, dark reader, and User-agent switcher. I have enabled all of these to run in incognito and the cloudflare challenges still work with each of them operating just as in the non-incognito window.

Are you saying that incognito actually changes the behavior/functions of extensions? Because I can think of no other reason to test with the non-incognito window with extensions disabled. Regardless, I will test it out when I find another site with the challenge.

more options

选择的解决方案

After some testing with a local web server and disabling the extensions one-by-one, the problem one is the user-agent spoofer. It appears that even after specifically enabling it to run (and it does show in the toolbar) in incognito windows it actually just doesn't run at all. The HTTP user agent is the original when making requests.

Very strange behavior from this extension, and I did just see a review on it that said it just flat out breaks cloudflare. Looks like I will be uninstalling that.

more options

Do you mean User-Agent Switcher and Manager? That works for me in private windows.

Anti-bot protection is likely to reject user-agent modifications.

more options

zeroknight said

Do you mean User-Agent Switcher and Manager? That works for me in private windows. Anti-bot protection is likely to reject user-agent modifications.

Yes, I am using that user-agent switcher extension. I did test it in a private window, and my actual user-agent string was used. Not the one that the extension was supposed to supply despite the extension being active and saying it was using my chosen spoofed agent.

But I think the problem is the user agent extension was unable to spoof all the ways a site can identify the box. So I guess cloudflare is more advanced at fingerprinting than that extension is at spoofing. Again, there is already a published review on the extension confirming someone else having the same issue as me.

more options
more options

The User-Agent Switcher description is rather misleading:

"making it impossible for websites to know specific details about your browsing arrangement."

This gives the impression it changes the whole browser fingerprint but it only changes the request headers which will not fool the likes of Cloudflare. The request headers are changed for me in private windows.