Bypass geo.captcha-delivery.com protection

[clementbiron]

Trying to add https://www.fnac.com/Help/cgv-fnac i get this warm message : The document cannot be accessed or its content can not be selected: Received HTTP code 403 when trying to fetch 'https://www.fnac.com/Help/cgv-fnac'

I guess the origin of the problem is the geo.captcha-delivery.com protection of Data Dome.

I found some bypass exemples in javascript, including geo.captcha-delivery.com here.

[martinratinaud]

For this, we need to have the same behavior between Core and contribution-tool as there is no relevance in implementing it on contribution-tool only, as it would not work when fetching page from the core.

I have found 2 ways to add this

• a paying service called https://2captcha.com/
• A detailed way on how to bypass https://filipvitas.medium.com/how-to-bypass-slider-captcha-with-js-and-puppeteer-cd5e28105e3c

2captcha is quite cheap and as we won't need a lot of requests.
It seems very easy to integrate also

@MattiSG please advise on how critical this feature is but integration should be less than a day IMO.

[MattiSG]

Thanks @martinratinaud for the research! For me, using a micro-work platform like 2captcha raises ethical concerns and I thus refuse to take this shortcut for now.

For the moment, I believe the best is to tag the requested additions with the bot-protection tag that you created (thanks!) so we can measure how many are protected and in which ways, and get a better idea on where to focus our efforts to be most impactful (negotiating with specialised operators, talking directly with the service providers, finding a technical way to bypass…). I believe we have enough suggestions in stock on France to keep going for the moment 🙂