Captcha Bug on 33.1.1 Topic is solved

Discussions for the Apple Mac OS builds of Pale Moon

Moderator: dbsoft

Forum rules
Important note:
The old Mac OS versions of Pale Moon were provided by various people and not official or in any way organized. Please make sure you check the date of topic threads to know if the topic is current or relevant! We are using this board for both old discussions and new development of Pale Moon on Mac.

Any specific bugs you find that don't have their own topic yet: please make a new topic; one bug per topic please to keep things organized.
User avatar
NapoInRags
Moongazer
Moongazer
Posts: 10
Joined: 2024-06-11, 13:18

Captcha Bug on 33.1.1

Unread post by NapoInRags » 2024-06-11, 13:44

Hello,

I'm running OSX 10.11 El Capitan (on an Aluminium late 2008 Macbook) and I've just installed the 33.1.1 Pale Moon version.

I tried to access my personnel account on the SNCF Connect (French Railway) website, but the captcha system is blocking me.

https://www.sncf-connect.com/en-en/

If you click on "Account" then on "Log in", the captcha window appears asking you to solve the puzzle by sliding right the small arrow. When you effectively solve it, nothing happens then, no access to the website (see picture).
Capture d’écran 2024-06-11 à 15.14.02.png
Hopefully someone can fix this - I guess it is - bug. Thanks.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 36020
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Captcha Bug on 33.1.1

Unread post by Moonchild » 2024-06-11, 13:59

below the captcha is a statement:
Having problems accessing the site? Submit feedback
With a unique captcha ID.

Click the submit feedback link and explain the issue you're having, including the ID so they can see what goes wrong.

Since the captcha goes through excessive lengths to prevent debugging, we can't troubleshoot anything on our end.
"Just because you are offended doesn't mean you are right." -- unknown
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
NapoInRags
Moongazer
Moongazer
Posts: 10
Joined: 2024-06-11, 13:18

Re: Captcha Bug on 33.1.1

Unread post by NapoInRags » 2024-06-11, 18:00

I did. I have little hope they will solve this problem.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 36020
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Captcha Bug on 33.1.1

Unread post by Moonchild » 2024-06-11, 21:02

NapoInRags wrote:
2024-06-11, 18:00
I did. I have little hope they will solve this problem.
It's in the captcha provider's best interest to solve the problem. Unless they want to become known as a censor, of course.
"Just because you are offended doesn't mean you are right." -- unknown
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
NapoInRags
Moongazer
Moongazer
Posts: 10
Joined: 2024-06-11, 13:18

Re: Captcha Bug on 33.1.1

Unread post by NapoInRags » 2024-06-12, 09:42

OK, but my doubt comes from the fact that I'm running an old OS on an old Intel MacBook, and the mainstream logic is not to care about these old stuff.

It would be good to find out whether the same bug occurs with versions of Pale Moon for recent W64-bit Pc and Arm Mac. If that's the case, then yes, there's a chance they'll solve the problem.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 36020
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Captcha Bug on 33.1.1

Unread post by Moonchild » 2024-06-12, 21:18

I verified this happens on my workstation, run of the mill Windows 10 x64 with 64-bit Pale Moon, before I wrote my first reply. It's not you, it's them ;)
"Just because you are offended doesn't mean you are right." -- unknown
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
NapoInRags
Moongazer
Moongazer
Posts: 10
Joined: 2024-06-11, 13:18

Re: Captcha Bug on 33.1.1

Unread post by NapoInRags » 2024-06-12, 21:43

Perfect, thank you !

Let's wait.

User avatar
noellarkin
Fanatic
Fanatic
Posts: 110
Joined: 2021-07-27, 04:20

Re: Captcha Bug on 33.1.1

Unread post by noellarkin » 2024-06-17, 14:28

This looks like a Datadome captcha - - I came across something that looked exactly like that here viewtopic.php?f=70&t=31242 - - hard to say what it's doing, since there's no information in the browser console.
I looked into Datadome, and these feature-detection algorithms in general, and it seems they're triggered by anomalies in browser fingerprint (this is probably why I don't even get a captcha when visiting the website on vanilla Chrome). Pale Moon's fingerprint isn't accepted by some of these detection companies (something similar happened with Cloudflare a few months back) - - I've been trying to figure out how to clean up the Pale Moon fingerprint so atleast the FF compatibility mode can work with these sites.
Two things I've come across so far:
viewtopic.php?f=5&t=31247
viewtopic.php?f=5&t=31252

User avatar
adoxa
Fanatic
Fanatic
Posts: 214
Joined: 2019-03-16, 13:26

Re: Captcha Bug on 33.1.1

Unread post by adoxa » 2024-06-18, 02:41

Using Basilisk 2024.05.11 (64-bit) and Windows 10 (in Australia, should that matter, too). Search for datadome, click link, blank (403). Turn off the proxy, refresh, now it shows up. Go to the sncf page, okay; click Account, blank (403). Refresh datadome, blank (403). Go to datadome.co in Firefox, get a page saying "You have been blocked." (with or without the proxy). After a delay (and deleting its cookie), datadome.co in Firefox got me to slide the puzzle, now it works. Still not working in Basilisk. Back to Firefox and it loads straight up, back to Basilisk and I just cannot get it to work again.

User avatar
NapoInRags
Moongazer
Moongazer
Posts: 10
Joined: 2024-06-11, 13:18

Re: Captcha Bug on 33.1.1

Unread post by NapoInRags » 2024-06-18, 23:40

noellarkin wrote:
2024-06-17, 14:28
I've been trying to figure out how to clean up the Pale Moon fingerprint so atleast the FF compatibility mode can work with these sites.
Reading this, I went to the advanced page of Pale Moon Preferences. The User Agent Mode choice was "FireFox Compatibility".

Attach1.png

But you can change it for "Native" or "Gecko Compatibility". In the two cases, the SNCF page doesn't respond the same way any longer : the captcha window is now deleted and, as wished, you access the log-in window. :shock:

Attach2.png

Just a stroke of luck. If someone can bring a pedagogic explanation about this User Agent Mode...

User avatar
noellarkin
Fanatic
Fanatic
Posts: 110
Joined: 2021-07-27, 04:20

Re: Captcha Bug on 33.1.1

Unread post by noellarkin » 2024-06-20, 07:48

So here's my understanding of it.
When we're enabling Pale Moon's compatibility mode, we're sending a Firefox user agent to websites, instead of the native Pale Moon user agent. Many websites have restrictive allow lists for user agents, and using a Firefox user agent helps with these sites.
However, more and more websites are implementing feature detection in addition to user agents to determine if a browser is "lying" about its user agent. In simple terms, different browsers have different javascript engines, and the feature detection algorithms check to see if the Javascript engine of a browser is matching the User agent it is reporting.
If the JS engine of the browser doesn't match the user agent string, the feature detection algorithm flags the browser as suspicious, and a captcha is shown to the user.

Now, Pale moon shouldn't actually have any issues with this, since its JS Engine is similar enough to Firefox's (old Firefox's anyway) that it ought to pass the feature detection test, but there are some key differences.
One example being this one:
viewtopic.php?f=5&t=31247

I'm going to spend more time hunting for these feature detection "gaps" to see if FF's compatibility mode can be made more robust.

User avatar
NapoInRags
Moongazer
Moongazer
Posts: 10
Joined: 2024-06-11, 13:18

Re: Captcha Bug on 33.1.1

Unread post by NapoInRags » 2024-06-20, 09:47

Great, very clear, thanks. :thumbup:

Little additional information for those who, like me, are on their way learning. You can have a look here : https://www.howtogeek.com/114937/htg-ex ... ser-agent/

The text introduces another interesting website : https://whatmyuseragent.com/ Simply open it from your browser, and you'll get your user agent.

And now, going back to the advanced page of Pale Moon Preferences, you can choose between the three user agent modes and look at the result, that is to say the user agent string Pale Moon is sending to the web. If you're running 10.11 like me, you will have :

- Native : Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:102.0) Gecko/20100101 Goanna/6.6 PaleMoon/33.2.0
- Goanna Compatibility : Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:102.0) Gecko/20100101 Goanna/6.6 PaleMoon/33.2.0
- Firefox Compatibility : Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:102.0) Gecko/20100101 Goanna/6.6 Firefox/102.0 PaleMoon/33.2.0

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 36020
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Captcha Bug on 33.1.1

Unread post by Moonchild » 2024-06-20, 10:05

Keep in mind that if there's an issue with a specific website, you can add site-specific user-agent overrides, which provides a more fine-grained way of presenting certain user-agent strings to specific websites/domains/hosts.
There are some Pale Moon extensions available to make this easier, but ultimately all it needs is a preference general.useragent.override.example.com with the desired user-agent string, where you replace example.com with the domain or host you want to present the string to.

User avatar
noellarkin
Fanatic
Fanatic
Posts: 110
Joined: 2021-07-27, 04:20

Re: Captcha Bug on 33.1.1

Unread post by noellarkin » 2024-06-20, 11:17

@Moonchild will the JS Engine identification issue https://repo.palemoon.org/MoonchildProd ... ssues/2531 be addressed in the next release? Also, just checked out the latest Pale Moon release with the updated canvas poisoning mode, thank you! Pale Moon's canvas fingerprint resistance is way ahead of any of the other browsers out there :)

Post Reply