Embed Notice

@phnt@fluffytail.org @waifu@mai.waifuism.life There is no reason to prove a browser is "real" in the normal world.Okay, keep believing that.you are trying to combat a bot attackCorrect. Sounds like there are reasons after all. Only took a whole sentence to figure that one out.your mitigation simply has no effectIt appears to have an effect, and not just for my personal cgit. It appears a lot of people are using it because they are seeing a (positive) effect in combatting LLM scrapers with it.it can be easily bypassedIt can, and that's ok. Because if you bypass it, you become a unique UA that I can just block with any regular UA block in HAProxy. Even if you automate "random" UAs, I can put in a pretty excessive UA blacklist with patterns if I so desire. The entire point is that a connection using a regular browser UA has to prove they are in fact a regular, legitimate browser, because blocking those isn't feasible, because you'd block nearly all legitimate traffic otherwise.

Its not a hard concept I think. I don't know why I have to reiterate the same thing three times for you, but I truly hope this time it'll stick. If not, for the love of Stallman please just cancel your Internet subscription.