Merge https://notabug.org/mia03/cloudflare-tor

LICENSE.md

@@ -3,6 +3,7 @@
 * /cloudflare-tor/bcma (Block Cloudflare MITM Attack) -- [MIT License](https://notabug.org/themusicgod1/cloudflare-tor/src/master/bcma/LICENSE.txt)
 * /cloudflare-tor/globalist (Globalist) -- [GNU GPLv3](https://notabug.org/themusicgod1/cloudflare-tor/src/master/globalist/LICENSE)
 * /cloudflare-tor/ismitmlink/ (Are links vulnerable to MITM attack?) -- [MIT License](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink/LICENSE)
+* /cloudflare-tor/not_cloudflare/whyrejectme (Which website rejected me?) -- [MIT License](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink/LICENSE)
 * Else -- [PUBLIC DOMAIN (CC0)](https://web.archive.org/web/https://creativecommons.org/share-your-work/public-domain/cc0/)
 
 

PEOPLE.md

@@ -0,0 +1,48 @@
+# Other Voice
+
+!["Cloudflare is not an option."](image/cfisnotanoption.jpg)
+
+```
+format:
+	"[TITLE](https://full.link/blog.html)" by [Who](Link)
+
+Sort:
+	New article: top
+
+Disqualify:
+	- Cloudflared website
+	- Cloudflare employee
+	- Twitter/Mastodon: too short text
+```
+
+------
+
+######  Blog
+
+(Just don't add Medium.com articles. It's cloudflared. It doesn't matter he/she write great article)
+
+"[Don’t Use Cloudflare Because You Impose This on People Who Least Want It](http://techrights.org/2019/02/17/the-cloudflare-trap/)" by [Dr. Roy Schestowitz](http://techrights.org/)
+
+"[Don't Trust CloudFlare](https://write.lain.haus/thufie/dont-trust-cloudflare)" by [@lunaterra@cyberia.social](https://cyberia.social/@lunaterra)
+
+"[Stay away from CloudFlare](http://www.unixsheikh.com/articles/stay-away-from-cloudflare.html)" by [Unix Sheikh](http://www.unixsheikh.com/)
+
+"[CloudFlare, We Have A Problem](http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/)" by [joepie91](http://cryto.net/~joepie91/)
+
+"[On Cloudflare](https://www.tyil.nl/post/2017/12/17/on-cloudflare/)" by [tyil](https://www.tyil.nl/)
+
+"[Why CloudFlare Is Probably A Honeypot](https://cypherpunk.is/2015/04/02/why-cloudflare-is-probably-a-honeypot/)" by [cypherpunk](https://cypherpunk.is/)
+
+"[iSucker: Big Brother Internet Culture](https://exiledonline.com/isucker-big-brother-internet-culture/)" by [The Exiled](https://exiledonline.com/)
+
+------
+
+######  Forum
+
+"[Issues with corporate censorship and mass surveillance](https://www.torproject.org/projects/tor/ticket/18361)" by [Jacob Appelbaum](https://twitter.com/ioerror)
+
+"[Be careful with CloudFlare](https://www.reddit.com/r/privacy/comments/41cb4k/be_careful_with_cloudflare/)" by [no-idea-for-username](https://www.reddit.com/user/no-idea-for-username)
+
+"[Ditch Cloudflare - Broken HTTPS/MiTM](https://greysec.net/showthread.php?tid=1256)" by [NO-OP](https://greysec.net/member.php?action=profile&uid=47)
+
+"[How likely is it that CloudFlare is an NSA operation?](https://www.quora.com/How-likely-is-it-that-CloudFlare-is-an-NSA-operation/answer/Hamid-Sarfraz)" by quora

README.md

@@ -22,7 +22,7 @@ This repository is a list of websites that are behind The Great Cloudwall, and a
 
 List
 * [Domains using Cloudflare](split/)
-* [Non-Cloudflare but filtering/blocking tor users](https://notabug.org/themusicgod1/non-cloudflare-tor-hostile)
+* [Non-Cloudflare but filtering/blocking Tor users](not_cloudflare/)
 
 Information
 * [Padlock icon indicates a secure SSL connection established w MitM-ed](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835)
@@ -39,11 +39,12 @@ Also see [Frequently Asked Questions](faq.md).
 # What can you do?
 
 * Read [our list of recommended actions](what-to-do.md) and share it with your friends
-* Update the Cloudflare domain list: [List instructions](instructions.md)
+* Read [other user's voice](PEOPLE.md) (if you write a blog, tell us your URL)
+* Update the domain list: [List instructions](instructions.md)
 * Add WTF-Cloudflare news to [NEWS.md](NEWS.md)
 * Search something on [Searxes Tor](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) or [clearnet](https://searxes.danwin1210.me/) (this will help collecting Searxes' "MITM domains")
 * Take a look at [add-on code](ismitmlink/) (how to use "MITM test API")
-* Subscribe to an ![](image/feed.png) RSS feed: "[The Great Cloudwall News](https://searxes.danwin1210.me/collab/open/getrss.php?q=tmg1news)" or follow ![](image/mstdn.jpg) [crimeflare@botsin.space](https://botsin.space/@crimeflare)
+* Subscribe to an ![](image/feed.png) RSS feed: "[The Great Cloudwall News](https://searxes.danwin1210.me/collab/open/getrss.php?q=tmg1news)" or follow ![](image/mstdn.jpg) [crimeflare@ieji.de](https://ieji.de/@crimeflare)
 
 
 ![WTF](image/wtfcf.jpg)

cloudflare_owned_NS.txt

@@ -14,6 +14,7 @@ ben.ns.cloudflare.com
 bella.ns.cloudflare.com
 bob.ns.cloudflare.com
 chan.ns.cloudflare.com
+coco.ns.cloudflare.com
 cody.ns.cloudflare.com
 darwin.ns.cloudflare.com
 dee.ns.cloudflare.com
@@ -28,6 +29,7 @@ fred.ns.cloudflare.com
 gail.ns.cloudflare.com
 glen.ns.cloudflare.com
 guy.ns.cloudflare.com
+hugh.ns.cloudflare.com
 ian.ns.cloudflare.com
 igor.ns.cloudflare.com
 jeff.ns.cloudflare.com

instructions.md

@@ -68,8 +68,29 @@ IMPORTANT: Please add only "Base Domain"
 
 ## Website is NOT using Cloudflare (& blocking you)
 
+| List name | Description |
+| -------- | -------- |
+| list_error403.txt     | Returns HTTP Error 403 (Forbidden)     |
+| list_customerror.txt     | Returns custom error message (not HTTP 403)     |
+| list_other.txt     | (not necessary?)    |
+
+```
+IMPORTANT: Please add only "Base Domain" or "(base domain)[space](comment here)"
+
+    if "community.example.com" is blocking Tor
+        add "example.com"
+
+    if "www.example.co.uk" is blocking Tor
+        add "example.co.uk Error message: Anonymous not allowed"
+
+    if "example.net" is blocking Tor
+        add "example.net"
+```
+
 Some websites use other companies with the CloudFlare business model.
 
-Add them to [non-cloudflare-list](https://notabug.org/themusicgod1/non-cloudflare-tor-hostile/) (formerly "*TorBlocker Hall of Shame Part I*")
+Add them to [/not_cloudflare/](not_cloudflare/) (formerly "*TorBlocker Hall of Shame Part I*")
 
 This is a collection of websites that ban Tor exits, other than through Cloudflare(e.g. showing access denied pages, systematic timing out connections, ...).
+
+[This add-ons](https://addons.mozilla.org/en-US/firefox/addon/which-website-rejected-me/) will help your list_error403 collection.

not_cloudflare/README.md

@@ -0,0 +1,4 @@
+# Which websites are hostile to Tor users?
+
+
+Don't block us!

not_cloudflare/list_customerror.txt

@@ -0,0 +1 @@
+(add FQDN here)

not_cloudflare/list_error403.txt

@@ -0,0 +1 @@
+(add FQDN here)

not_cloudflare/list_other.txt

@@ -0,0 +1 @@
+(add FQDN here)

not_cloudflare/whyrejectme/README.md

@@ -0,0 +1,5 @@
+This is a source code of Maslin Bossé's "*Which website rejected me?*".
+
+PRs are welcome.
+
+AMO: https://addons.mozilla.org/en-US/firefox/addon/which-website-rejected-me/

not_cloudflare/whyrejectme/bg.js

@@ -0,0 +1,31 @@
+let history = {};
+
+browser.webRequest.onResponseStarted.addListener(i => {
+	if (i.statusCode == 403) {
+		let iFQDN = (new URL(i.url)).hostname;
+		let iServer = 'Unknown';
+		i.responseHeaders.forEach(x => {
+			if (x.name == 'Server') {
+				iServer = x.value;
+			}
+		});
+		let iDate = (new Date()).toUTCString();
+		history[iFQDN] = [i.url, iServer, iDate];
+	}
+	return;
+}, {
+	urls: ['http://*/*', 'https://*/*'],
+	types: ['main_frame']
+}, ['responseHeaders']);
+
+browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
+	if (request && sender) {
+		if (request == 'get') {
+			sendResponse(history);
+		}
+		if (request == 'clear') {
+			history = {};
+			sendResponse(true);
+		}
+	}
+});

not_cloudflare/whyrejectme/log.html

@@ -0,0 +1,17 @@
+<html>
+   <head>
+      <title>Log</title>
+   </head>
+   <body style="display:none">
+      <table style="width:90%;break-word:" border=1>
+         <tbody></tbody>
+      </table>
+      <br>
+      &uarr; Details<br>
+      &nbsp;&rarr; Action: <input id="clear" type="button" value=" Clear Log "><br>
+      &darr; FQDN only<br>
+      <br>
+      <textarea id="export" cols=60 rows=20></textarea>
+      <script src="log.js"></script>
+   </body>
+</html>

not_cloudflare/whyrejectme/log.js

@@ -0,0 +1,22 @@
+function newrow(w) {
+	let tt = document.getElementsByTagName('tbody')[0];
+	let tr = tt.insertRow(tt.rows.length);
+	tr.innerHTML = w;
+}
+
+newrow('<tr><td><b>FQDN</b></td><td><b>Server</b></td><td><b>Where</b></td><td><b>When</b></td></tr>');
+
+browser.runtime.sendMessage('get').then(g => {
+	for (let k in g) {
+		newrow('<tr><td>' + k + '</td><td>' + g[k][1] + '</td><td><a href="' + g[k][0] + '" target="_blank">Link</a></td><td>' + g[k][2] + '</td></tr>');
+		document.getElementById('export').innerHTML += k + "\n";
+	}
+});
+
+document.body.style.display = 'block';
+
+document.getElementById('clear').addEventListener('click', () => {
+	browser.runtime.sendMessage('clear').then(() => {
+		location.reload(true);
+	});
+});

not_cloudflare/whyrejectme/manifest.json

@@ -0,0 +1,30 @@
+{
+   "manifest_version": 2,
+   "name": "Which website rejected me?",
+   "description": "Your website rejected me, but I know I'm going to be okay.",
+   "version": "1.0.0",
+   "author": "Maslin Bossé",
+   "permissions": [
+      "webRequest",
+      "<all_urls>"
+   ],
+   "icons": {
+      "32": "icons/32.png"
+   },
+   "background": {
+      "scripts": [
+         "bg.js"
+      ]
+   },
+   "options_ui": {
+      "browser_style": false,
+      "open_in_tab": true,
+      "page": "log.html"
+   },
+   "applications": {
+      "gecko": {
+         "id": "urejectme@searxes.danwin1210.me",
+         "strict_min_version": "56.0"
+      }
+   }
+}