[tor-dev] Request for feedback/victims: cfc-0.0.2
bancfc at openmailbox.org
bancfc at openmailbox.org
Sat Apr 2 17:00:10 UTC 2016
On 2016-04-01 18:06, Yawning Angel wrote:
> On Fri, 01 Apr 2016 18:21:10 +0200
> Jeff Burdges <burdges at gnunet.org> wrote:
>
>> Are there any more sites where CloudFalre appears on archive.is?
>>
>> https://www.aei.org/publication/gen-michael-hayden-on-apple-the-fbi-and-data-encryption/
>> https://archive.is/7u5P8
>>
>> It's some particularly harsh CloudFlare configuration perhaps?
>
> Without knowing how archive.is works, and how CloudFlare works, it's
> hard to tell.
>
> Since archive.is sets "X-Forwarded-For", it's not particularly hard to
> figure out if a Tor user is the one requesting a snapshot. I requested
> a new snapshot and the captcha error page in the archive shows that
> the IP of my exit, so part of the ClouldFlare infrastructure at least
> peeks at the header.
>
> I'll probably add support for other (user-configurable?) cached content
> providers when I have time. The archive.is person doesn't seem to want
> to respond to e-mail, so asking them to optionally not set X-F-F, seems
> like it'll go absolutely nowhere.
>
> Regards,
>
webcitation.org is an archive.is alternative. Potentially it doesn't
forward request headers (?)
More information about the tor-dev
mailing list