Vlad Yeah and its still happening with this build too. Are you not able to reproduce?
astruckm Ah never checked if I had the
enterissue. I have the issue where scroll location is saved but the page is not loaded (its grey). If you pull to refresh it will load the page correctly. I think its a pain to test this as we have to get iOS to offload the app out of memory, not close it (achievable by loading lots of other apps). Have just checked my phone and its done it again.Still working for me, so yeah pretty sure we can close this out. Worst case can always be reopened.
I sill have this issue on the latest iOS build.
Can confirm this is fixed in the latest RC (0.99.123.3.4-rc).
Ah interesting, so it is a bug, that was clearly breaking the anti-bot but nothing intentional. Looks like the fix has already been merged into WebKit: https://github.com/WebKit/WebKit/pull/10760
- Edited
Are we sure its actually a bug with the engine and not a breakage by design that is due to it not being a
supportedbrowser. The scripts employed by the site will intentionally create fingerprints to block unknown browsers...I haven't had time to reverse the fingerprint
fpendpoint yet.Okay so have made a bit more progress on this, looks like the culprit here is the
x-kpsdk-ctaka the client token. The current work around I have found is that if you take a valid client token from another cookie store i.e. safari and insert that into the Orion cookie store, the browser is then deemed valid.Looks like the next step is going to be sifting through the obfuscated code to see how the client token is created, hopefully there is something obvious that will elude as to why Orion is failing the checks.
- Edited
eirk the problem with private windows is that they drop all data (history, etc). What temporary containers do is preserve all the relevant data (history), but keep each tab isolated (cache, sessions, etc).
- In Compact tabs
Has to be 1 for me as it looks the most MacOS like.
Will this also support ephemeral sessions? I used to use Firefox Multi-Containers and Temporary Containers, where tmp containers would open each tab in an ephemeral session. Its the one thing I missing having migrated from FF.
https://addons.mozilla.org/en-GB/firefox/addon/temporary-containers/
So just tried this with the latest RC and its still failing on the integrity check even with compatability mode active.
But I was having a poke at this on the weekend and I am pretty sure this is not due to a header mismatch but actually due to Kasada Anit-Bot. I stripped off the first level of obfuscation so that the javascript was more readable and can see that this library will inject the kpsdk headers:
x-kpsdk-cd: {"workTime":1679309802217,"id":"c4425fd69e35668169c976369a631c0b","answers":[7,2],"duration":1,"d":274,"st":1679309796816,"rst":1679309796964}
x-kpsdk-ct: 0Puw0EeZkC9yS9DOlHlCrb1DNi2WgLzYavzZk6ZYsNZXaqZmteeK7fDaMpCXRws7JthROON6Te3JHdTzHWsMpT4q300AFKJOQBxgZTUR2Ka5d6YKvK0gsob72a26yO2zGqD5Cw89FiE7BoJVAhCw0yimPI did not have time to dig further to fully confirm as it seems like the timings here are really tight so I need to script some stuff up in MITM to be totally sure that Kasada is the issue. Or it could be that this is totally incorrect and something else is the issue.