Access Problem!

[couttsj]

For the past several days I am having a lot of trouble reaching
a number of web sites, including my provider (Telus) and my bank CIBC). Telus is using a reverse proxy provided by Cloudflare (172.66.0.98), and CIBC is using Telus/Akamai (207.194.199.74). A reverse proxy sits in front of an origin server and ensures that no client ever communicates directly with that origin server.

Some time ago, I had a similar problem with "VBForums.com", and I was able to work around that issue. This problem however is different in that if I wait long enough, it eventually loads (most of the time). As I am preparing this message, now VBForums also has this same problem as I try to post this message.

What is going on?

J.A. Coutts

Addendum:
Browser is Firefox 151.0.2

[dday9]

Do you ever get any non-successful HTTP responses, specifically of the 5xx variety?

[couttsj]

Do you ever get any non-successful HTTP responses, specifically of the 5xx variety?

This problem exists only on port 443 to certain web sites. I have no problem on other ports and other sites. There seems to be an issue with my browser (Firefox 151.0.3) and reverse proxy supplied by Cloudflare. It may have something to do with the NoScript addon that I am using, which I am not willing to give up. It has protected me from malicious scripts for years.

J.A. Coutts

[dday9]

NoScript is incredibly invaluable. In fact, my philosophy has changed dramatically where I prefer to write my website with a No-JS first design.

The problem is that I think too many developers take for granted that nearly everyone enables JavaScript by default. It leads to sloppy development, e.g. why use the built-in HTML5 input validations when you could rewrite it using JavaScript.

I tend to think that Cloudflare might be overly relying on JS being enabled in order to work properly. In fact, a quick search engine search shows that Cloudflare is using this: https://developers.cloudflare.com/turnstile and there's this quote:

Turnstile adapts the challenge outcome to the individual visitor or browser. First, we run a series of small non-interactive JavaScript challenges to gather signals about the visitor or browser environment.

[couttsj]

NoScript is incredibly invaluable. In fact, my philosophy has changed dramatically where I prefer to write my website with a No-JS first design.

The problem is that I think too many developers take for granted that nearly everyone enables JavaScript by default. It leads to sloppy development, e.g. why use the built-in HTML5 input validations when you could rewrite it using JavaScript.

I tend to think that Cloudflare might be overly relying on JS being enabled in order to work properly. In fact, a quick search engine search shows that Cloudflare is using this: https://developers.cloudflare.com/turnstile and there's this quote:

Turnstile.workers.dev is already enabled as it is for any other allowable script, but unfortunately it is enabled for the page that it is on. Cloudflare intervention occurs before the handshake is complete and the connection is passed on to the real server. Encryption/Decription occurs on the proxy server.

J.a. Coutts

[couttsj]

Disabling IPv6 made no difference. Disabling NoScript also made no difference. Connecting directly with pop.gmail.com works like a charm, but connecting with mail.telus.com takes forever. Connecting with fastmail.com also works like a charm. VBForums runs after a while when I run "https://browser-compat.turnstile.workers.dev/" in another window.

J.A. Coutts