Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Captcha Harvester "ERROR for site owner: Invalid domain for site key" #204

Closed
walmat opened this issue Dec 26, 2018 · 14 comments · Fixed by #253
Closed

Captcha Harvester "ERROR for site owner: Invalid domain for site key" #204

walmat opened this issue Dec 26, 2018 · 14 comments · Fixed by #253
Assignees
Labels
area:frontend Related to Nebula's Frontend Electron app area:task-runner Related to Nebula's Task Runner package priority:urgent Issues that need to be solved right away type:bug Something isn't working

Comments

@walmat
Copy link
Owner

walmat commented Dec 26, 2018

Describe the bug
The captcha harvester works really well, but seems to have a small bug when trying to validate the site domain. I'm assuming this is due to the fact that we are technically the domain of the harvested token, not the respective task site.

To Reproduce
This is a little hard to reproduce, so I've attached a file (see end of OP) to help show you exactly what I'm experiencing.

Expected behavior
The harvested captcha response should validate properly and be accepted by the post payment method on the task runner side. Since there's no changes that need to be done there (or so I hope) I'm just opening up this issue to track the frontend changes.

Additional context
debug file –– rename to debug.html and open in browser to see what i mean

@walmat walmat added type:bug Something isn't working area:frontend Related to Nebula's Frontend Electron app area:task-runner Related to Nebula's Task Runner package labels Dec 26, 2018
@walmat walmat added this to the Beta 2 Release milestone Dec 26, 2018
@walmat
Copy link
Owner Author

walmat commented Dec 28, 2018

Might need your expertise on this when you get a moment. Captcha window is useless till this gets patched.

@walmat
Copy link
Owner Author

walmat commented Dec 28, 2018

@pr1sm ^^ sorry forgot to tag you. Get to this whenever you can! Or if you have any tips, let me know!

@pr1sm
Copy link
Collaborator

pr1sm commented Dec 28, 2018

Hmm, yeah I remember this being a problem when I was first implementing the captcha page, not sure how I initially solved it... Will take a look back at the commit history and see if there are any relevant messages.

@walmat
Copy link
Owner Author

walmat commented Dec 28, 2018

Sounds good! Yeah I'm not sure either :/

@walmat walmat modified the milestone: Beta 2 Release Dec 29, 2018
@pr1sm
Copy link
Collaborator

pr1sm commented Dec 29, 2018

Can't seem to download your debug file -- says server not found... How big is it? can you dm it to me?

@walmat
Copy link
Owner Author

walmat commented Dec 29, 2018

Hmm that’s weird.. Yeah I’ll dm right now

@pr1sm
Copy link
Collaborator

pr1sm commented Dec 29, 2018

I'm unable to reproduce this error message in our frontend. I'm using the debug commands (available in dev mode) to start/stop a harvest: window.Bridge('testStartHarvest') and window.Bridge('testStopHarvets'). I can launch a captcha window and complete multiple captchas.

Is there a particular site on which the captcha harvester is failing? Does this work for you in dev mode (using the commands above). Maybe the problem lies only in prod or the built app?

@walmat
Copy link
Owner Author

walmat commented Dec 29, 2018

I believe you’ll need to actually run this on a task for it to reproduce why it’s failing. I think the problem lies with the fact we’re solving the captcha on our machine, not the respective site domain. We may need to reconfigure a few things to get it to work.

I think if you run enough tasks on kith it’ll require a captcha from you. That’s where the debug file is from

@pr1sm
Copy link
Collaborator

pr1sm commented Dec 29, 2018

I'm not sure how much I can help with this issue since I can't seem to get a captcha to trigger for me and when testing manually (via the debug commands) everything works fine.

From the html, I'm not sure if the error message loads when the captcha loads or after attempting to solve the captcha. I'm unclear about what you mean by "not on the site domain" since the js for a catpcha is always run on the local machine. Is it possible our shopify captcha key is wrong? It seems like we are always using the same key (6LeoeSkTAAAAAA9rkZs5oS82l69OEYjKRZAiKdaF) since we don't pass any site specific key. Could this key be out of date? Maybe we need to update this default key.

A solution that might work is having our captcha server act as a proxy for the actual site domain. We could attempt to go to the specific site, hit our proxy (the captcha server), then serve the same html instead of proxying the request. This would allow the BrowserWindow (and any loaded js such as the captcha js) to think it is loading the actual site while it is really loading our captcha.html file.

@walmat
Copy link
Owner Author

walmat commented Dec 29, 2018

A solution that might work is having our captcha server act as a proxy for the actual site domain. We could attempt to go to the specific site, hit our proxy (the captcha server), then serve the same html instead of proxying the request. This would allow the BrowserWindow (and any loaded js such as the captcha js) to think it is loading the actual site while it is really loading our captcha.html file.

Yeah this is what I meant by "not on the site domain." Sorry the lack of clarity, it was late and I was pretty sleepy. I do think this is our only issue though, the site key should be fine.

@walmat
Copy link
Owner Author

walmat commented Dec 31, 2018

I've gone ahead and created a way for us to always receive a task:

  1. checkout branch issue_204
  2. make task with:
  • Product: https://shop.havenshop.com/products/vans-vault-x-taka-hayashi-sk8-hi-sr-lx-vachetta-suede-sun-ray
  • Site: Haven
  • Profile: Test Profile US
  • Size: Any, it will choose US 8 for you

@pr1sm
Copy link
Collaborator

pr1sm commented Jan 4, 2019

Hmm, I'm not able to reproduce, but it's because I can't even create a checkout session (always responds with 422 response). I think I might have to wait until I'm back in the States to investigate this further...

@walmat
Copy link
Owner Author

walmat commented Jan 12, 2019

Here's a recently updated captcha harvester we can compare against: https://github.com/ItsFuego/Captcha-Solver

@walmat walmat added the priority:urgent Issues that need to be solved right away label Jan 12, 2019
@walmat walmat mentioned this issue Jan 12, 2019
4 tasks
@pr1sm
Copy link
Collaborator

pr1sm commented Jan 15, 2019

Thanks for linking the updated harvester! I wasn't familiar with Electron's protocol module, but I was able to use the example code and Electron's api to find a slightly different method that works better for us.

I'm gonna push what I have now, but there's still some code cleanup to do -- will put up a PR tomorrow.

pr1sm added a commit that referenced this issue Jan 15, 2019
This commit adds a protocol interceptor to load our captcha html instead of the regular html for other sites.

This commit also updates the captcha server middleware stack to better handle loading assets such as images/styling/js while still redirecting everything else to the captcha html page.

Issue: #204
pr1sm added a commit that referenced this issue Jan 17, 2019
* Handle Captcha State

This commit adds a missing handler for the captcha state. This uses the checkouts handle request captcha method to request a captcha and wait for the token. The handler has also been updated to include error checking.

* Use Protocol Interceptors to Load Captcha Page

This commit adds a protocol interceptor to load our captcha html instead of the regular html for other sites.

This commit also updates the captcha server middleware stack to better handle loading assets such as images/styling/js while still redirecting everything else to the captcha html page.

Issue: #204

* Add Temporary Workaround for Unhandled Size Option Formats

Some sites include unsupported size option values, which affects our variant group matching. This commit adds a temporary workaround until the actual issue (#239) is addressed.

Additionally, a linter error is fixed, some unnecessary log statements are removed, and another log statement is adjusted to only display relevant information.

* Fix Various Captcha Related Bugs

This commit addresses some (not all!) captcha related bugs:
- Captcha Window Reloads are now handled properly
- Redundant Captcha Reset calls are removed
- Attempting to add >5 captcha windows no longer crashes the frontend

These are some small bugs that fall under the scope of this branch. Other larger bugs that require separate issues are not fixed in this commit.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area:frontend Related to Nebula's Frontend Electron app area:task-runner Related to Nebula's Task Runner package priority:urgent Issues that need to be solved right away type:bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants