You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We currently set a test cookie and expect to read it back to determine if the user is a real cookie-accepting browser, at which point they are issued an anon_user record.
Unfortunately, bots also play back cookies and get registered as real browser-using humans.
To fix this, we'll need to move some of the code into JS: set a test cookie on the first request, then have JS play it back to confirm it's a real browser.
This will still be fooled by bots that use headless browsers, but our current problem appears to be an aggressive Python script.
The text was updated successfully, but these errors were encountered:
We currently set a test cookie and expect to read it back to determine if the user is a real cookie-accepting browser, at which point they are issued an anon_user record.
Unfortunately, bots also play back cookies and get registered as real browser-using humans.
To fix this, we'll need to move some of the code into JS: set a test cookie on the first request, then have JS play it back to confirm it's a real browser.
This will still be fooled by bots that use headless browsers, but our current problem appears to be an aggressive Python script.
The text was updated successfully, but these errors were encountered: