[Cin] To be able to register to forum, cookie domains to allow?
Miroslav Rovis
miro.rovis at croatiafidelis.hr
Mon Sep 2 12:44:46 CEST 2019
On 190828-21:56+0200, Sam wrote:
> On 28.08.19 21:27, Miroslav Rovis wrote:
> > But give me time. More hours to get some work going...
>
>
> All right, take as much time as you need.
>
And in another email you wrote:
> If it's not too much trouble for you, please try https and www.
Here's why it can't even be set to accept https, in the (I think still latest) Pale Moon (28.6.1, the bug-fix version). Pls. have a look at the 38 sec video (550k, likely will be let through):
Screen_190902_0953_gdO.webm
I think it's the cookie domain to set is not to do with the protocol; why they set it (same in Firefox or other browsers) as http://<that-domain> is not clear to me.
So I can't even try to set https://www.cinelerra-gg.org. Correct me if I'm wrong or miss something.
I also I think the IP that reset the connection on the first register attempt of mine was the Word Press.
The period of the attemped registration and password reset started at 2019-08-28 12:49 and lasted alltogether some 17+ minutes, during which time I had no difficulty subscribing to:
94.16.115.56 lists.cinelerra-gg.org
(toward the end of that period).
If the hosts that tshark --the Wireshark's command line binary-- got me. This is an excerpt from the output of my tshark-hosts-conv.sh script (available from github, used by my uncenz program at https://github.com/miroR/uncenz), from dump_190828_1249_gdO.hosts:
192.0.73.2 secure.gravatar.com
192.0.74.10 ns3.wordpress.org
192.0.74.5 ns3.automattic.com
192.0.75.10 ns4.wordpress.org
192.0.77.48 s.w.org
are veritable (likely they are).
However, there is a lot of Google in the register/cookie-setting-attempt called from:
104.27.142.18 www.cinelerra-gg.org
in the process of registering, i.e. in the resetting of password, where I came to be stuck at. These (another excerpt as above, only the cloudfront.net is not Google of course), from dump_190828_1249_gdO_tHostsConv.log:
216.58.214.234 googleadapis.l.google.com
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
192.168.1.2 <-> 216.58.214.234 42 7442 48 5604 90 13046 320.797751000 339.0288
---
99.86.243.123 d2ghehhx11czsj.cloudfront.net
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
99.86.243.123 <-> 192.168.1.2 72 6039 98 122695 170 128734 322.363293000 115.2591
---
172.217.18.78 youtube-ui.l.google.com
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
172.217.18.78 <-> 192.168.1.2 358 31882 447 600339 805 632221 322.567287000 132.0767
---
172.217.18.68 www.google.com
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
172.217.18.68 <-> 192.168.1.2 225 45826 218 191274 443 237100 323.438715000 708.9454
---
172.217.18.86 ytimg-edge-static.l.google.com
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
172.217.18.86 <-> 192.168.1.2 37 3506 34 25703 71 29209 323.678992000 115.9501
---
172.217.20.3 pki-goog.l.google.com
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
172.217.20.3 <-> 192.168.1.2 19 2101 17 2567 36 4668 323.936909000 117.6932
---
172.217.19.97 photos-ugc.l.googleusercontent.com
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
172.217.19.97 <-> 192.168.1.2 26 2844 23 8686 49 11530 325.511694000 116.1180
---
172.217.16.99 gstaticadssl.l.google.com
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
172.217.16.99 <-> 192.168.1.2 109 12768 97 56720 206 69488 349.518633000 669.8635
---
Only from two of those Word Press IPs listed actually conversed with my machine in the period of the attemped registration password reset, from dump_190828_1249_gdO_tHostsConv.log:
192.0.73.2 secure.gravatar.com
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
192.0.73.2 <-> 192.168.1.2 95 10665 85 45709 180 56374 370.418614000 30.1466
---
[...]
---
192.0.77.48 s.w.org
| <- | | -> | | Total | Relative | Duration |
| Frames Bytes | | Frames Bytes | | Frames Bytes | Start | |
192.0.77.48 <-> 192.168.1.2 40 4427 37 10151 77 14578 399.062082000 229.7331
---
But Word Press may have reset the connection because Google "told" it id didn't get what it wanted, for the registration. Or Maybe I need to allow Word Press as cookie domain? There's no knowing from just the trace... Maybe the full understanding of Javascript would tell complete truth, but I'm far from such level of expertise, at this time.
Here's some of the extracted javascript that would need to be figured out:
mr at gdOv:/Cmn/mr$ ls -ltr /<path-to-directory-with-trace-in-question>/*_files | grep js | sed 's/ gar gar/ mr mr/'
-rw-r--r-- 1 mr mr 1239 2019-08-31 17:41 email-decode.min.js
-rw-r--r-- 1 mr mr 209765 2019-08-31 17:42 sdk.js%3fhash=1c4de91b849b35f8ea82203de2be0ffc
-rw-r--r-- 1 mr mr 3224 2019-08-31 17:42 sdk.js
-rw-r--r-- 1 mr mr 329827 2019-08-31 17:42 www-embed-player.js
-rw-r--r-- 1 mr mr 110356 2019-08-31 17:42 www-embed-player(1).js
-rw-r--r-- 1 mr mr 89532 2019-08-31 17:42 remote.js
-rw-r--r-- 1 mr mr 28 2019-08-31 17:42 log_event%3falt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8(1)
-rw-r--r-- 1 mr mr 3047 2019-08-31 17:42 log_event%3falt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
-rw-r--r-- 1 mr mr 1167536 2019-08-31 17:42 base.js
-rw-r--r-- 1 mr mr 88 2019-08-31 17:42 webworker.js%3fhl=en&v=v1565591531251
-rw-r--r-- 1 mr mr 12267 2019-08-31 17:42 pWmgTbzrV74Bm6PUhVaf0UNg58JyytbJ0QQZlIXNEVM.js
-rw-r--r-- 1 mr mr 762 2019-08-31 17:42 api.js%3fhl=en
-rw-r--r-- 1 mr mr 12260 2019-08-31 17:42 3-hpRAd0_wuB6laQqaJG0uu5agxtfADTbxmN8ntEYS8.js
-rw-r--r-- 1 mr mr 209765 2019-08-31 17:44 sdk.js%3fhash=d31706527425a30b91f78244f9ccb07c
-rw-r--r-- 1 mr mr 3224 2019-08-31 17:44 sdk.js
-rw-r--r-- 1 mr mr 329827 2019-08-31 19:31 www-embed-player.js
-rw-r--r-- 1 mr mr 110356 2019-08-31 19:31 www-embed-player(1).js
-rw-r--r-- 1 mr mr 88 2019-08-31 19:31 webworker.js%3fhl=en&v=v1565591531251
-rw-r--r-- 1 mr mr 209765 2019-08-31 19:31 sdk.js%3fhash=d31706527425a30b91f78244f9ccb07c
-rw-r--r-- 1 mr mr 3224 2019-08-31 19:31 sdk.js
-rw-r--r-- 1 mr mr 89532 2019-08-31 19:31 remote.js
-rw-r--r-- 1 mr mr 12267 2019-08-31 19:31 pWmgTbzrV74Bm6PUhVaf0UNg58JyytbJ0QQZlIXNEVM.js
-rw-r--r-- 1 mr mr 28 2019-08-31 19:31 log_event%3falt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8(1)
-rw-r--r-- 1 mr mr 3047 2019-08-31 19:31 log_event%3falt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
-rw-r--r-- 1 mr mr 1239 2019-08-31 19:31 email-decode.min.js
-rw-r--r-- 1 mr mr 1167536 2019-08-31 19:31 base.js
-rw-r--r-- 1 mr mr 762 2019-08-31 19:31 api.js%3fhl=en
-rw-r--r-- 1 mr mr 12260 2019-08-31 19:31 3-hpRAd0_wuB6laQqaJG0uu5agxtfADTbxmN8ntEYS8.js
-rw-r--r-- 1 mr mr 209765 2019-08-31 21:04 sdk.js%3fhash=1c4de91b849b35f8ea82203de2be0ffc
-rw-r--r-- 1 mr mr 3224 2019-08-31 21:04 sdk.js
mr at gdOv:/Cmn/mr$
The whole trace analysis is much more than this... I might try and post the whole analysis on https://www.Croatiafidelis.hr/foss/cap/ . Just "might", I don't promise.
Thinking more...
Hmmh. Have to give it another look, and see which exact Word Press address did the reset.
Regards!
--
Miroslav Rovis
Zagreb, Croatia
https://www.CroatiaFidelis.hr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen_190902_0953_gdO.webm
Type: video/webm
Size: 554701 bytes
Desc: not available
URL: <https://lists.cinelerra-gg.org/pipermail/cin/attachments/20190902/e889595f/attachment-0001.webm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.cinelerra-gg.org/pipermail/cin/attachments/20190902/e889595f/attachment-0001.asc>
More information about the Cin
mailing list