Several issues with TOR browser accessing site

Opus X

Active member
i use TOR browser for all my browsing.
i have noticed since several issues.
this is very likely a TOR browser issue but i don't know if it may be program related also.

frequently when trying to log in no i click on the log in icon and i get the orange bar going across with the hash marks then nothing.
i have to click on the log in and open it in another tab to enter my credentials.
a similar issue frequently occurs when I have an alert shown.
if i click on the bell i get the bar going across with the indicator on the right and then nothing.
i then have to open the right click on the bell and tell it to open in another tab.
i can refresh the screen several times and it may finally work, or sometimes if i choose a different TOR circuit.
each time i keep forgetting to check with the tools to see if there are any errors being shown as it is not something i do regularly.
i posted a sticky on my monitor to remind me to check next time it happens in case it shows something but i am not sure what to look for.
each time i do accept all cookies.
they get deleted when i close TOR and then accept them again when i come back.
what i see in it now is this

Content-Security-Policy warnings 2
Content-Security-Policy: Couldn’t process unknown directive ‘noscript-marker’ post-thread
Content-Security-Policy: Couldn’t process unknown directive ‘noscript-marker’ 2 post-thread
This page uses the non standard property “zoom”. Consider using calc() in the relevant property values, or using “transform” along with “transform-origin: 0 0”. post-thread
Content-Security-Policy: The page’s settings blocked the loading of a resource at data: (“media-src”). 3 post-thread
Cookie “” has been rejected as third-party. js
Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. preamble.min.js:4:300
Some cookies are misusing the recommended “SameSite“ attribute 5
Cookie “_ga_D7JYH6EQJL” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite js:313:874
Cookie “_ga_D7JYH6EQJL” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite js:313:874
Cookie “_ga” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite js:313:874
Cookie “_gd1713351068719” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite editor-compiled.js:151:249
Cookie “_gd1713351068719” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite editor-compiled.js:151:349
Cookie “” has been rejected as third-party. collect
onmozfullscreenchange is deprecated. token_input-compiled.js:26:35702
onmozfullscreenerror is deprecated. token_input-compiled.js:26:35702
Source map error: Error: request failed with status 404Resource URL: https://xenforo.com/community/js/xf/attachment_manager-compiled.js?_v=4eaee9a2Source Map URL: exif-reader.js.map
 
i just had it happen after shutting down TOR browser and opening it back up and accepting all cookies.
the only thing i saw in the window was

Content-Security-Policy: The page’s settings blocked the loading of a resource at data: (“media-src”). 4 community
Cookie “xf_csrf” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite community
Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. preamble.min.js:4:300
Cookie “” has been rejected as third-party. 7067feece20453cf65153ef5a70921e8
Cookie “” has been rejected as third-party. f49df5d4fe31b5e6aba3680018ce050a

if need more information then will be happy to help but need guidance on what to look for and where in TOR browser.
i think it has a developer tools like chrome does.
 
I clicked around for a while using the latest macOS version of Tor Browser and I did bump into one request which failed in the same way you described, but it wasn't consistent.

It doesn't seem explicitly to be an issue with Tor browser itself, but it may be an interaction between that and Cloudflare here. The request failed with a 403 HTML response which looks to me like it came from Cloudflare.

It may be the case that certain requests appearing from certain IP addresses are being blocked by Cloudflare, which could explain why it is so sporadic. This isn't something we've explicitly configured so the behaviour may be being erroneously picked up by Cloudflare as being problematic.

Unfortunately there's not a lot we can do here.
 
thanks.
that was why i did comment it was probably a TOR browser issue.
it happens both on the apple laptop running catalina and my windows 10 computer.
i usually use my laptop as i can sit with it in my lap while in the chair with my feet and legs elevated.
13.0.14 (based on Mozilla Firefox 115.10.0esr) is what the apple laptop is running.
i have seen other issues reported that are related to firefox also and that was why i thought it was likely to be a browser issue and not so much a program issue.
i do see several
Uncaught (in promise) TypeError: NetworkError when attempting to fetch resource that has a js tag on the right.
when browsing around here and usually when i see that error is when the alert does not pop up when clicked on.
i also get a patchWindow disabled notice
that seems to be related to google though - / Copyright 2012 Google Inc. All rights reserved.
i also found one of the 404 errors - view-source:https://cdn.jsdelivr.net/joypixels/assets/8.0/png/unicode/64/1f44d.png
i do not have the issue on my site and thought it might be also due to the newer code in the latest version of the program.
it is probably a combination of going through onion router and then being based on firefox.
 
Last edited:
It doesn't seem explicitly to be an issue with Tor browser itself
i think some of it may be the use of noscript for sites by default.
i did a temporary allow for xenforo for it and so far it seems to be doing what it should be?
i recently set my TOR browser settings to safest.
will see if the problem comes back.
 
if need more information then will be happy to help but need guidance on what to look for and where in TOR browser.
i think it has a developer tools like chrome does.

I tried using chrome dev tools and was so annoyed because in FF I can edit and resent a request with modified headers, request type etc but I couldnt seem to do it in chrome wouldnt let me change GET to POST.

you should try the dev tools in FF they are amazing.
 
i have some of the same issues now on my site now so i think it is actually going to be TOR browser and xenforo of older versions also.
i know that most do not use TOR browser and it was probably not tested against the program very well for any issues.
 
Back
Top Bottom