in reply to Re: COVID-19 data analytics, cryptography, and some things you should know
in thread COVID-19 data analytics, cryptography, and some things you should know

Hello bliako,

Yes I'm aware of how to fake a browser string. Been doing it for years. If you check your server logs you may well see some amusing messages I left in the string...

The server itself runs a let's encrypt certificate but out in front of it is some Cloudflare proxy infrastructure. Last time I looked they were not banana republic operators given they proxy for 11.6% of the top 10 million websites on the Internet.

They are the man in the middle. For me, they issue a perfectly valid certificate. What country are you in? I'll VPN in and see if I can reproduce the issue.

Given who is doing the proxying it's possible the proxy issue MITM lies with you, not us. Just a thought...

  • Comment on Re^2: COVID-19 data analytics, cryptography, and some things you should know

Replies are listed 'Best First'.
Re^3: COVID-19 data analytics, cryptography, and some things you should know
by bliako (Abbot) on Apr 05, 2020 at 11:34 UTC

    i did not say the problem is with you. The problem is with my provider and I found it really weird that they presented me with a certificated issued to them. (perhaps that's how it works!)

    Sure you are aware that a browser string can be faked/changed. But how are you going to sanitise it so that you use it for checking uniqueness together with the IP, which in itself is not unique, i.e. a given hospital may have the same IP for all personnel trying to report something to you.

[reply]

In Section Seekers of Perl Wisdom