corneey.com

[NanoMeow]

Basic Information

Test link: http://corneey.com/wLknXW
Category: breakage
Reported from: Mexico
Template version: 2

User Environment

Browser: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:63.0) Gecko/20100101 Firefox/63.0
Extension: Nano Defender 15.0.0.72

Additional Message

Nano defender doesnt allow the captcha loading in firefox

[jspenguin2017]

Shortest bypassing is not working anymore.

---

Captcha is working for me. @LiCybora

[LiCybora]

Yes, there is issue for Firefox. I am working on it.

[LiCybora]

I guess I have quick fix for it, but the fix may affect Chromium and Edge. The problem is Firefox treated webRequest.onBeforeSendHeaders as asynchronous event listeners, while both Chromium and Edge does not support asynchronous event listener (just from MDN notes, I don't have them to test with). I will include the fix in v15.0.0.74 first anyway.

PS: The solution may not be optimal. I just follow the MDN example and change the code to async and problem solved.

Reference:
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/webRequest/onBeforeSendHeaders

Edit: I overlook I make a typo which totally break the solution. Above things are just trash, please ignore.

Edit 2: I recognize the problem now. Seems Firefox throw exception when there is no user-agent (recaptcha attempt to read the user agent string). That's why removing the user-agent break the recaptcha js running.

My attempt to fix it is to spoof as other UA instead of removing it (however, the verification page will also gone and directly to target link, but maybe just for this site and untested on other so unsure whether there is side effect.) Any better idea for this?

[jspenguin2017]

I thought the chrome namespace only accepts synchronous handlers or asynchronous handlers with callbacks (when available), and the browser namespace is for asynchronous handlers with promises.

Are you sure the timer bypassing is still working after the change? Maybe edit the user agent to Google Bot or something?

[jspenguin2017]

Hum, I might want to try a bot user agent, maybe it goes through the timer and verification altogether.

[LiCybora]

Yes I tried Google bot and curl UA, both bypass timer and verification, directly forward to target link.
I am not sure whether all sites in the rule will work in the same way

[jspenguin2017]

Fixed.