-
Notifications
You must be signed in to change notification settings - Fork 189
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot earn passes on hCaptcha Privacy Pass web page #247
Comments
Some web developer console messages to help with this (Firefox 91.0.1)
|
Same issue here! |
Thank you for the report. I'm looking at it. I will get back here soon. |
cc @durch (hCaptcha) |
Got some then when trying to get more it used a pass instead and very quickly told me I wouldn't be able to get more until it all ran out it seems. |
As of today, this appears to be resolved on Firefox 91.0.2 with plugin version 2.0.9. It took 2 tries, but I was able to get my 5 hCaptcha passes |
@gmt2001 I tried many times until I can get passes. I think I'm going to make it always work before marking this issue as resolved. |
My previous comment as quoted above may be wrong. I just noticed that with the extension installed the browser sends 2 I'm not sure why hCaptcha really needs 2 requests in this case. The protocol should have only one request. I think it's good to document the protocol for hCaptcha somewhere |
Hi folks! Apologies I’ve missed the original notification. We’ll go over our implementation internally and see if we can make improvements to get it to full protocol compliance. Will keep you posted |
This is working for me on FF and Chrome. Seems like a stale issue. |
It just worked for me on Brave browser. I wouldn't say this is a stale issue, but it appears to have been fixed today. Is anyone else available to test it? |
I just visited https://captcha.website/ to test if it is possible to get CloudFlare tokens, but all I got is hCaptcha prompt on that page asking me to prove I am human. This is getting ridiculous -- spending hCaptcha tokens to earn CloudFlare tokens doesn't make sense. @durch I keep getting false positives on every CloudFlare protected website using hCaptcha every time I visit them in a new browser session (I am using Brave on Windows 10). I am sure my own home network and all devices in it are malware-free. Having to solve hCaptcha on every site visit is getting mighty annoying, is there anyone from hCaptcha team who can suggest some troubleshooting steps? |
This has nothing to do with hCaptcha: Cloudflare (and its users) decide when to show a challenge. |
I understand that you are correct in the technical sense. However, this still has something to do with hCaptcha so please hear me out. Perception of a regular, non tech-savvy user is that hCaptcha is the problem, because that's what is prominently shown at the top center of the page and what they have to deal with. Cloudflare is mentioned in small font at the very bottom of the page which you can't read even in full screen mode at 1080p: Cloudflare is using hCaptcha while giving end users absolutely no recourse when they are unfairly judged as a bot. There is no "contest this check" link, no "report a problem" link, no contact email for Cloudflare support to even try to reach a human being in an attempt to find the problem and fix it. IMO this is just souring hCaptcha (and Privacy Pass because it makes it useless) for end users and hCaptcha and Privacy Pass developers should lean on Cloudflare (because the end users cannot) to include a way to complain about repeated misidentifications if they want to continue using it. |
Yes, this doesn't make sense and we have a plan to fix this issue soon. However, this is not related to the issue since this issue is about the hCaptcha captchas outside the Cloudflare pages like |
@durch Do you have any update? I think it's better if we can document the Privacy Pass protocol on hCaptcha tokens in both the issuance stage and redemption stage, so that I can help debug it when there is an issue next time. |
Very well, in the meantime I have uninstalled Privacy Pass because it is useless due to Cloudflare's overzealousness, and I have stopped visiting all websites which use Cloudflare and hCaptcha -- I don't want an intersection of those two faceless "security through obscurity" technologies treating me as a criminal without due process while they shamelessly use my eyeballs and clicks to generate revenue. |
no o ne i willling to fix this |
@durch hi, do you have any documentation on Privacy Pass protocol for hCaptcha? We just released v3.0.0 last month which has a big refactor of the extension code base. As a result, we didn't include the hCaptcha implementation because we don't know how it works. I think some kind of documentation will help. Otherwise, I have to spend some time to dig into the v2 code. |
tired of this nonsense the hcaptca has made the web useless for me tired of
this nonsense
[image: Mailtrack]
<https://mailtrack.io?utm_source=gmail&utm_medium=signature&utm_campaign=signaturevirality11&>
Sender
notified by
Mailtrack
<https://mailtrack.io?utm_source=gmail&utm_medium=signature&utm_campaign=signaturevirality11&>
12/17/21,
01:35:21 AM
…On Thu, Dec 16, 2021 at 4:05 PM Suphanat Chunhapanya < ***@***.***> wrote:
@durch <https://github.com/durch> hi, do you have any documentation on
Privacy Pass protocol for hCaptcha? We just released v3.0.0 last month
which has a big refactor of the extension code base. As a result, we didn't
include the hCaptcha implementation because we don't know how it works. I
think some kind of documentation will help. Otherwise, I have to spend some
time to dig into the v2 code.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#247 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AIRXJSEN7XV2FRJCG46TRWLURHBXTANCNFSM5CCHJNQQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
|
Well that's a horrendous decision |
Some good news: Support for hCaptcha tokens has been re-enabled as of v3.0.4 |
@armfazh I appreciate the update. I am using v3.0.4. I just completed hcaptcha challenges to earn hcaptcha passes at https://www.hcaptcha.com/privacy-pass (screenshot below). However, the extension is still showing 0 passes. I am on Brave browser on macOS. What else do you suggest I try? |
@fedecarpy : are there any changes or disruption observed in the hCaptcha side? |
Describe the bug
The Privacy Pass web page to earn new passes (https://www.hcaptcha.com/privacy-pass) does not load the widget to earn passes.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The hCaptcha check box would load
System (please complete the following information):
The text was updated successfully, but these errors were encountered: