It would seem that Orion has some trouble successfully completing CloudFlare's and perhaps possibly hCaptcha's challenges. Unsure if this happens on older versions of macOS; I noticed the console logs a 401 for the private access token challenge, possibly due to a CORS issue?
Steps to reproduce:
- Visit 4chan (the homepage itself is SFW; be careful clicking any boards, though)
- Perhaps, if unlucky, the CloudFlare verification challenge will appear
- Attempt to pass the challenge by completing the captcha
- Repeat until the end of time
Notes:
- Tested with the default user-agent settings, Safari's user-agent, and Chrome's user-agent.
- Tested with both compatibility mode enabled and disabled.
- Tested with and without extensions (uBlock Origin, Bypass Paywalls Clean, and ViolentMonkey)
- Does not occur on Safari (16.1 - 18614.2.9.1.12) or Thorium (Chromium 109.0.5361.0 w/ minor patches and additional codecs)
- Unsure if 4chan's CF security settings mandate all visitors pass the check when accessing the homepage or if it is only required by 'high-risk' visitors
- Safari does not even display the CF challenge; the 4chan homepage loads just fine (however, as I am on Ventura, it may be able to bypass the prompt all-together due to the private access token feature),
- Thorium displays the prompt but passes the challenge once the captcha is complete.
- I am on dual-stack IPv4/IPv6, the latter of which may also be the cause of the challenges, if the prompt cannot be reproduced.
Expected behavior:
One would expect the challenge to succeed upon the first successful captcha completion.
Orion, OS version; hardware type:
- Orion: 0.99.121-beta (WebKit 614.1.20)
- OS: macOS Ventura 13.0 (22A380 / Darwin Kernel Version 22.1.0: Sun Oct 9 20:15:09 PDT 2022; root:xnu-8792.41.92/RELEASE_ARM64_T6000 arm64)
- Hardware: 16" MacBookPro18,1 w/ M1 Pro (10 cores, 16 GPU cores)
Image/Video: