Bypass Cloudflare with Firefox Cookies

[tellu-white]

Suggestion: instead of doing the Ctrl/Shift/Alt dance (that nobody remembers without notes...), why not add a drop-down to the toolbar icon to select the various options?

In version 6.0 I added a drop-down to the toolbar icon to select options for using the add-on. All options for initializing the add-on are moved to the menu that opens with right-click on button.

I also made two variants of version 6.0, one with a black-and-white menu and the other with a color menu. Both variants have the same functionality, only the appearance of the menus differs.

Screenshots:

01.png

02.png

black-and-white menu:

03.png

04.png

color menu:

05.png

06.png

*****

Download link ( Bypass Cloudflare with Firefox Cookies 6.0 ):

https://www.mediafire.com/file/f9fi8v9zus431x9/bypass_cloudflare_with_firefox_cookies_6_0.zip/file

[back2themoon]

Thanks for the nice update!

The first two Initialization options open the same named window: "Get Cookies File Path"

Also, you can make the left-click work on the entire icon, not just the tiny arrow to the right (i.e. the same way right-click works).

[Sessh]

I haven't been able to get this to work. I'm really only trying to get one (infrequently used) site to work; romhacking.net

Using this add on, I have set the selected browser (Firefox Nightly, Win7) and the add on does load the page in FFN if I select that option. I set up the user agent grabber in FFN as well as the cookies sqlite file and added that into the initialization settings (verfied by looking for "romhacking" in about:config). Only thing that doesn't seem to be working is the cookies with the sign in allowing me to access the site.

It says the import (get cookies from selected browser + set cookies in Pale Moon) was successful and all that and the cookies seems to be being imported. I delete all current cookies, then import them from FFN and cookies appear to be being added to PM, but if I try to "Enter URL of a page + Open that page in Pale Moon", it says no cookies were imported for that site and I can't access romhacking.net. Is this just one of those sites that won't work or am I doing something wrong (likely)?

Oh, and I am doing the cookie importing while the CF page is up spinning away with the romhacking.net link in the address bar. It says import was successful, but nothing changes when I try to reload the RH site.

[xlolitadabananax]

Hi sesh & contributors..

this addon never worked for me, i tried v5 & this bypass_cloudflare_with_firefox_cookies_6_0.zip
xp inside too, we never know which cookie file to select when there are 3 in the profile folder & when
i add the home url it's never detected as a cookie.

also, using firefox, having to reinstall it creeps me out, as i moved to palemoon ages ago
for many reasons, and it looks like id be depending on that crappy firefox to login with
cookies that passed the sheeti cf test.

This would fix the issue:

an addon that transfers the actual cookies from chrome to pm, once i click on its toolar button,
cuz for feabie.com for example, even after logging to the site, it tries to send me to another sheeti
cf test to open a stupid profile ... . so i could reclick on it before opening a profile.

a chrome to pm cookie transfer would be awsome.

[back2themoon]

...or am I doing something wrong (likely)?

You are doing it wrong. I'm writing a new set of instructions now so hold on.

this addon never worked for me

That's because you are doing everything wrong, and didn't bother to read the instructions carefully. See above.

[tellu-white]

Thanks for the nice update!

The first two Initialization options open the same named window: "Get Cookies File Path"

Also, you can make the left-click work on the entire icon, not just the tiny arrow to the right (i.e. the same way right-click works).

Thank you, back2themoon.

I made version 6.1 of this add-on in which I corrected the window name for selecting the "Backup Browser app" path and made clicking on the "entire icon" to open the options for using the add-on.

I made another change, based on the problem that Sessh encountered.

I haven't been able to get this to work. I'm really only trying to get one (infrequently used) site to work; romhacking.net

The https://www.romhacking.net/ page opens without involving Cloudflare. In the tests I've done, Cloudflare is activated when the page with comments is opened:

https://www.romhacking.net/forum/index.php?topic=39986

Until this version, the add-on didn't open in "Backup Browser" the page entered by the user in Pale Moon, but opened the "pre Path URL" obtained from the URL entered by the user. I chose this method because I considered that in the "home" page there was less content that could create problems. In this version I decided that the add-on should open in "Backup Browser" the page entered by the user in Pale Moon, to avoid complications like the one faced by Sessh (as you can see from the example with the domain "romhacking.net", there are websites that don't use Cloudflare to access their "home" page but use it for other areas of the website).

Screenshots:

The https://www.romhacking.net/ page opens normally in Pale Moon and loads two cookies:

01.png

After I open the comments page, Cloudflare comes in:

02.png

03.png

In this version of the add-on I open in Firefox the page with comments (the one blocked by Cloudflare):

04.png

05.png

06.png

After passing the Cloudflare check in Firefox, I copy in Pale Moon cookies saved by Firefox:

07.png

Now the comments page opens in Pale Moon too:

08.png

The comments page has an extra cookie in addition to the "home" page, that cookie which is related to the control made by Cloudflare:

09.png

*****

Download link ( Bypass Cloudflare with Firefox Cookies 6.1 ):

https://www.mediafire.com/file/m66tde1iyy7aawe/bypass_cloudflare_with_firefox_cookies_6_1.zip/file

[xlolitadabananax]

it would be great to do it for chrome to import in pm, i'll try 6.1 tomorrow

[tellu-white]

it would be great to do it for chrome to import in pm, i'll try 6.1 tomorrow

If you mean "Google Chrome", that's not possible:

tellu-white wrote :
Initially I wanted to read cookies from the "Cookies" file of Google Chrome. This was not possible because in that file in the "value" column there is no saved data. There is a column with the name "encrypted_value" with saved data but it can only be read with an add-on made for Google Chrome.

https://forum.palemoon.org/viewtopic.php?f=71&t=32098&sid=1f87964e7a53df4d4c37a79cfe097c75&start=20#p260032

[back2themoon]

Updated, and probably final (from me) setup guide, written for version 6.1 of the extension. Follow instructions carefully and in order. You should preferably have the latest version of Firefox installed. Firefox Portable is good too. Waterfox should also work. See tellu-white's remark. Guide mostly assumes Firefox is used.

On Pale Moon:

1. Install the "Bypass Cloudflare with "Backup Browser" Cookies" extension.
2. RIGHT-click the extension's icon (it looks like the Firefox icon), select the first option: Get the Path to the Backup Browser path
3. Point it to "firefox.exe" (or "FirefoxPortable.exe" etc.) in your Firefox installation folder.
4. Right-click the icon again, select the second option: Get the Path to the Cookies file of Backup Browser.
5. Point it to the "cookies.sqlite" file. This is located in your Firefox profile folder.

Now open Firefox and create a new bookmark in Firefox:

6. Set its Name as: Get user agent string
7. Set its URL as: javascript:void(prompt('navigator.userAgent',navigator.userAgent))
8. Save the Bookmark and click it. It will show you the browser's user agent string. Copy it.

Back on Pale Moon:

9. Right-click the extension's icon and select the third option: Get INSTALLED Backup Browser user agent
10. Paste the string you copied in step 8 above.

The initial, one-time extension setup is complete. Now let's deal with a problem website.

11. Copy the problem website home page URL.
12. Do NOT visit the website on Pale Moon yet. If you are logged in the problem website on Firefox, then LOG OUT.
13. On Pale Moon: LEFT-click the extension's icon, select the second option: Open Custom URL in Selected Browser.
14. Paste the problem home page URL you copied in step 11 above. The website will open in Firefox.

PAY ATTENTION TO STEP 15 BELOW

15. You must now pass the malicious Cloudflare check on Firefox.

a) If logging in to the website is needed to make the Cloudflare check appear, then log in.
b) If the Cloudflare check comes BEFORE the login, then you don't have to log in. You only need to pass the check.
c) If there is no logging in involved, then just pass the check.
d) If the Cloudflare check only appears at some specific section of the website, then visit that section and pass the check.

When the check is passed and the website appears, don't resume browsing. Go to Pale Moon now.

Back on Pale Moon:

16. LEFT-click the extension's icon, select the third option: Get Cookies from Selected Browser + Set Cookies in Pale Moon.
17. You should get the successful "Cookies were copied in Pale Moon" prompt. If so, you can now visit the website in Pale Moon.

If you don't see this prompt on step 16, then something went wrong on step 15. Log out of the problem website on Firefox, clear all cookies on Pale Moon and Firefox and try again from step 11.

Repeat steps 11-17 for each new problem website.

About the Optional Settings (right-click the icon, Register/Unregister HTTP Observer):

Connections to Cloudflare (specifically: challenges.cloudflare.com) need to be blocked in Pale Moon because they are known to cause stability problems, by courtesy of Cloudflare. The extension can do it for you ("Register" enabled). If you are blocking Cloudflare via other means (uBO, ηMatrix, hosts file etc.) then select "Unregister".

Verifying...

@Cloudflare: F... Thank you for wasting our time. Bunch of greedy amateurs.

[back2themoon]

Thanks for the new update, tellu-white.

If no cookie is imported, then perhaps an error message should appear - if technically possible, of course. Showing nothing can be confusing for some users.

[Sessh]

Thanks I'll try to do this again soon. However, romhacking.net sends me to CF even trying to access the homepage. There's no difference, I get CF trying to access any page on romhacking.net even the home page. I also get the cookies shown in the images when importing from my FFN profile which is the most up to date version for WIn7. Once I try this again from scratch with 6.1, I'll report back.

Edit: Just reading your instructions, I see what I did wrong. Good. Ok I'll stop editing and get back later.

[nikola_ss]

I tried extension in Linux and works very well. Thanks tellu-white and thanks to back 2themoon for good explanation.

[Lucio Chiappetti]

Off-topic:

viewtopic.php?f=71&t=32098&start=60#p260225

I would suggest you boot to forgive whatever misunderstanding and go along. I was just curious to see whether the extension was also for Linux, and the very last post by nikola_ss in the thread linked (one click, control-F, "Linux" found it).

Back on topic, so far none of the sites I use regularly seems to be affected, or infested, by the Cloudflare issue (it was mentioned by an user on another phpBB forum as a solution to current bot problems on such forum, and I said "please don't").
It is a pity instead that the extension does not work with google chrome cookies. Currently I use only two browsers, Pale Moon for >95% of the sites, and google-chrome for the rest (mainly google's own or WebRTC sites I am forced to use for work). I am not keen to use firefox, since on latest (X)Ubuntu 24 I just upgraded to, it is available as snap only, and I try to stay away from snaps (it will conflict with the convention on home directories on my machine/s).
I always feel somewhat ill-at-ease with non-PM browsers on the privacy side. Maybe I'll ask advices in a separate thread.

[tellu-white]

It is a pity instead that the extension does not work with google chrome cookies.

tellu-white wrote :
Initially I wanted to read cookies from the "Cookies" file of Google Chrome. This was not possible because in that file in the "value" column there is no saved data. There is a column with the name "encrypted_value" with saved data but it can only be read with an add-on made for Google Chrome.

https://forum.palemoon.org/viewtopic.php?f=71&t=32098&start=20#p260032

Cookies file from Google Chrome opened with "SQLiteStudio 3.4.17" ( https://sqlitestudio.pl/ ):

01.png

02.png

[Lucio Chiappetti]

Yes, thanks for the detailed explanation. I had already seen your other quoted text, so I was personally aware of the difficulty (and was not complaining !) but the explanation is very useful for everybody.

I realize now that perhaps I posted in the wrong thread. There are currently at least three threads about the cloudflare issue (could they be merged ? but I see they are in three different boards, unfortunately I do not read the forum board-wise but only via "New posts" so I missed that before). My post was essentially in reply to whoever suggested that the cloudflare "non-cooperating attitude" may dissuade users from using Pale Moon.
That it is not my case. I tend to use Pale Moon exclusively, except for a few sites requiring chrome. Apparently my ecology of regularly visited sites is not affected by the cloudflare pest. If an occasionally visited site fails with Pale Moon, I consider it "not worth visiting". I am not going to use "snap firefox". I could consider advices for a fallback browser other then chrome, or for some way to do some privacy-hardening on chrome (oxymoron ?)

[Sessh]

Still doesn't work for me. I did all the instructions exactly as stated and all goes as expected, but romhacking.net (ANY page including the home page) just won't work for me on PM and I'm not gonna clear all my cookies on PM because it means I have to sign in to a bunch of sites all over again. I remove the romhacking.net cookies from both browsers and when I try the steps again, I don't even get a message saying cookies were imported to pale moon anymore. It just does nothing.

Anyway it's not that important. It's just one site.

It's importing the correct cookies it seems, but they just don't work. Maybe it's because it's only the most up-to-date version of Nightly on Win7 or maybe it doesn't work with Nightly at all.

Clipboard01.jpg

Yeah, it won't even do "Get Selected Cookies from Selected Browser" anymore. It just does nothing. No idea why. Even reinstalling the 6.1 version and reconfiguring it didn't fix it.

[frostknight]

I don't know if I got this answer yet, but which firefox cookies do I need for this addon?

I use linux, so... where are the cookies I need? in the .mozilla folder? Or the .cache folder?

Just asking.

[back2themoon]

Still doesn't work for me.

It worked immediately here:

Working.png

Cookies:

Working-Cookies.png

On step 14, don't paste the home URL. Paste the link posted above:

https://www.romhacking.net/forum/index.php?topic=39986

Instead of clearing cookies, press Ctrl-H (History), right-click a romhacking entry and "Forget about this site", until there are no romhacking entries left (on both browsers).

[frostknight]

It's importing the correct cookies it seems, but they just don't work. Maybe it's because it's only the most up-to-date version of Nightly on Win7 or maybe it doesn't work with Nightly at all.

Where are those stored I wonder... on linux anyhow.

[Sessh]

There's something weird going on on my end and not sure what it is. Someone else said that the homepage doesn't require CF checking, but for me it does. Any page does all the time on RH.net.

Anyway as I said, the addon won't even get cookies from selected browser anymore. It just stopped working after the first try with 6.1

Edit: Ok so I tried that link and it copied the cookies again, but then I try to load the same page in PM and it doesn't work. Anyway thanks for the efforts. I have no idea why it's not working for me. It probably has something to do with me getting the CF block on any and all romhacking.net pages whereas for you guys, you can see the homepage without hitting the CF wall. I can't.. for some reason.

.. and now copy cookies doesn't work again after just working a second ago. Ahh forget it. lol