[Server-side fix needed] Browsing with Tor, got CAPTCHAs for subresources

Currently using the latest version of Tor Browser (9.0), based on Firefox 68.2.0esr.

For example:
for https://www.namecheap.com/, the main site loads fine, but the pictures do not load. I went to “Inspect Element” --> “Network” Tab, and found out the pictures are stopped by 403 errors and it was a CAPTCHA page (click on a 403 resource and go to the “Response” tab). However, if I load a picture separately in a new tab, it loads perfectly without CAPTCHAs.

BTW, Cloudflare onion service has been enabled, but only the main site seems to go through onion:

alt-svc: h2="cflareub6dtu7nvs3kqmoigcjdwap2azrkx5zohb2yk7gqjkwoyotwqd.onion:443"; ma=86400; persist=1

The subresources does not seem to go through onion, since you can see the Tor exit node IP.
One example:
Cloudflare Ray ID: 52a9010a48849e0d
Your IP: 185.4.x.x (Some Tor exit node IP)

This is just one example for Namecheap. Multiple websites have this issue. Please fix.

Someone opened a issue in the Tor bug tracker.

I changed the header to */* for a test and got no more CAPTCHAs. However, it’s not recommended to change the header in Tor Browser. Please fix at the server side.

This topic was automatically closed after 30 days. New replies are no longer allowed.