Multiple smaller fixes

Added Support for Privacy Browser (Android), Split Meta bots for better control, Added Internet Archive to default whitelist, Reactivated hashed cookies.
2025-11-07 12:29:08 +01:00
parent 0cfc0c5d33
commit 871c97bf14
9 changed files with 31 additions and 19 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -3,5 +3,5 @@ logs/*.log.txt
 logs/*.srv.txt
 logs/*.tck.txt
 logs/*.captcha.txt
-config/user-*.json
+config/user-*.*
 php_errors.log
--- a/action.php
+++ b/action.php
@@ -314,8 +314,8 @@ class action_plugin_botmon extends DokuWiki_Action_Plugin {

 		$today = substr((new DateTime())->format('c'), 0, 10);

-		$raw = $this->getConf('captchaSeed') /*. '|' . $_SERVER['SERVER_NAME'] . '|' . $_SERVER['REMOTE_ADDR'] . '|' . $today */;
-		$expected = $raw; //hash('sha256', $raw);
+		$raw = $this->getConf('captchaSeed') . ';' . $_SERVER['SERVER_NAME'] . ';' . $_SERVER['REMOTE_ADDR'] . ';' . $today;
+		$expected = hash('sha256', $raw);

 		// for debugging: write captcha data to the log:
 		$this->writeCaptchaLog($_SERVER['REMOTE_ADDR'], $cookieVal, $_SERVER['SERVER_NAME'], $expected);
--- a/admin.css
+++ b/admin.css
@@ -113,6 +113,7 @@
 		&.cl_operaold::before { background-position-y: -380px }
 		&.cl_wget::before { background-position-y: -400px }
 		&.cl_python::before { background-position-y: -420px }
+		&.cl_privacybrowser::before { background-position-y: -440px }
 		&.cl_other::before { background-image: url('img/more.svg') }

 		/* Captcha statuses */
--- a/captcha.js
+++ b/captcha.js
@@ -54,7 +54,7 @@ const $BMCaptcha = {
 		setTimeout($BMCaptcha._delayedCallback, $BMCaptcha._cbDly * 1000);
 	},

-	/* creates a digest hash for the cookie function */
+	/* creates a digest hash */
 	digest: {

 		/* simple SHA hash function - adapted from https://geraintluff.github.io/sha256/ */
@@ -168,16 +168,15 @@ const $BMCaptcha = {
 			try {
 				var $status = 'loading';

-				// generate the hash: -- disabled until I found the pesky bug in the digest
-				/*const dat = [ // the data to encode
+				// generate the hash:
+				const dat = [ // the data to encode
 					document._botmon.seed || '',
 					location.hostname,
 					document._botmon.ip || '0.0.0.0',
 					(new Date()).toISOString().substring(0, 10)
-				]; */
-				//if ($BMCaptcha._st - performance.now() >= 0) dat.push($BMCaptcha._st - performance.now());
-				//const hash = $BMCaptcha.digest.hash(dat.join('|'));
-				const hash = document._botmon.seed || ''
+				];
+				if (performance.now() - $BMCaptcha._st <= 1500) dat.push(performance.now() - $BMCaptcha._st);
+				const hash = $BMCaptcha.digest.hash(dat.join(';'));

 				// set the cookie:
 				document.cookie = "DWConfirm=" + encodeURIComponent(hash) + '; path=/; session;'
--- a/config/default-whitelist.txt
+++ b/config/default-whitelist.txt
@@ -1,3 +1,11 @@
+# Internet Archive Bot Ranges
+207.241.224.0	207.241.239.255	20
+207.241.224.0	207.241.224.255	24
+207.241.231.0	207.241.231.255	24
+207.241.234.0	207.241.234.255	24
+207.241.237.0	207.241.237.255	24
+208.70.24.0	208.70.31.255	21
+
 # Bing Bot IP ranges - taken from https://www.bing.com/toolbox/bingbot.json
 157.55.39.0	157.55.39.255	24
 207.46.13.0	207.46.13.255	24
@@ -342,5 +350,5 @@
 2a02:0598:0096:8a00:0000:0000:1200:0120	2a02:0598:0096:8a00:0000:0000:1200:013f	123

 # localhosts
-#127.0.0.1	127.255.255.255	8
-#::1	::1	128	
+127.0.0.1	127.255.255.255	8
+::1	::1	128	
--- a/config/known-bots.json
+++ b/config/known-bots.json
@@ -118,16 +118,16 @@
 	 "rx": ["Perplexity\\-User\\/(\\d+\\.\\d+);"],
 	 "url": "https://perplexity.ai/perplexitybot"
 	},
-	{"id": "metabots",
-	 "n": "Meta/Facebook",
-	 "r": ["meta-webindexer","meta-externalads","meta-externalagent"],
-	 "rx": ["facebook[cw]\\w+\\/(\\d+\\.\\d+)", "meta-externala\\w+\\/(\\d+\\.\\d+)"],
-	 "url": "https://developers.facebook.com/docs/sharing/webmasters/crawler"
-	},
 	{"id": "metauser",
 	 "n": "Meta/Facebook User",
 	 "r": ["facebookexternalhit","facebookcatalog"],
-	 "rx": ["facebook\\w*\\/(\\d+\\.?\\d*)", "meta\\-?\\w*\\/(\\d\\.\\d)"],
+	 "rx": ["facebookexternalhit\\/(\\d+\\.?\\d*)", "facebookcatalog\\/(\\d\\.?\\d*)"],
+	 "url": "https://developers.facebook.com/docs/sharing/webmasters/crawler"
+	},
+	{"id": "metabots",
+	 "n": "Meta/Facebook",
+	 "r": ["meta-webindexer","meta-externalads","meta-externalagent", "meta-webindexer"],
+	 "rx": ["facebook[cw]\\w+\\/(\\d+\\.?\\d*)", "meta\\-[cw]\\w+\\/(\\d+\\.?\\d*)", "meta-externalads\\/(\\d+\\.?\\d*)", "meta-externalagent\\/(\\d+\\.?\\d*)"],
 	 "url": "https://developers.facebook.com/docs/sharing/webmasters/crawler"
 	},
 	{"id": "qwant",
--- a/config/known-clients.json
+++ b/config/known-clients.json
@@ -102,5 +102,9 @@
 	{"n": "wget",
 	 "id": "wget",
 	 "rx": [ "Wget\\/(\\d+\\.?\\d*\\.?\\d*)" ]
+	},
+	{"n": "PrivacyBrowser",
+	 "id": "privacybrowser",
+	 "rx": [ "PrivacyBrowser\\/(\\d+\\.?\\d*)" ]
 	}
 ]
--- a/img/captcha.png
+++ b/img/captcha.png
--- a/img/clients.png
+++ b/img/clients.png