Opened 21 months ago

Closed 21 months ago

Last modified 21 months ago

#24433 closed defect (fixed)

moat isn't returning bridges on successful CAPTCHA completion

Reported by: isis Owned by: isis
Priority: High Milestone:
Component: Circumvention/BridgeDB Version:
Severity: Normal Keywords: bridgedb-dist moat
Cc: mcs, brade, anonym, intrigeri Actual Points: 1
Parent ID: Points: 1
Reviewer: Sponsor: SponsorM

Description

Pearl Crescent reported that moat isn't returning bridges upon successful CAPTCHA completion. This needs to be debugged/investigated.

Child Tickets

Change History (11)

comment:1 Changed 21 months ago by isis

Status: newneeds_review

Aha, there was a bug in the test-moat script, because the server requires (in order to create and check the CAPTCHA) that it has some notion of what the client's IP is. Added an "X-Forwarded-For" header to the curl command fixed it. I've also made it somewhat easier to pass the latest challenge and the solution (always "Tvx74PMy" since that's the only CAPTCHA in the bridgedb.git/captchas directory):

(bdb)∃!isisⒶwintermute:(develop *$>)~/code/torproject/bridgedb ∴ ./scripts/test-moat fetch
{"data": [{"challenge": "QSPBFMxqGi-mlxwPcjWJ7FJqY0FW0wx60B5zTM4LMWDda8VwRzKtClAsBCdVP-q8WDYD5sRj6PzDXF1hAdsOJu0M-AWokcF6nxfOg0ZadpINW3QHqtdu9Veg0j2GBjQVquyLi5LrZ2R1hNi17igQdm1xgtrLsnWbu_Ts4SCSRxBy9W6nXYkWRqnbzU2BQgbvkIKrDhbqAdhSQsWDr25tWYYRVK6k_GBSJOblJ_vRBYZdIuCC-BZVQicJM2c3j_5aj0ClApe_EacqN6CL-nk6yR9Ukw8gNQelIewvREkqbdxR6Rhiwfc059pIt9wyMQL6_yMODSpmtocui_5ecNDvSXPxE5qZiV9f-Rsg_Bh3ccFRFNpw", "id": 1, "version": "0.1.0", "type": "moat-challenge", "image": "/9j/4AAQSkZJRgABAQEASABIAAD/2wBDAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/2wBDAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/wAARCAB9AZADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD+lv8AZ8/Zy0z4H6/aaLreofDjxXqGn27RahoMGt2/jWbw58P/ABTq3iq2110k8UWsninUE8X6haq93b6XdWFpNr2o3kCWl5aWCQPV8f8AhcN4Y8Y3fwR8Faj4MvbfWtWi0u7n8I6z4g16Ww1/xl4Z8Mvc6bb6V9hm8Bafptn4Ztru3bRZrvVdH8M2Fpr7aYt9GkRreDPFnw41vwd4X+Ifi34c3fgDx1AdD8N6Z4o8PeLNV0bwnBb6PqF14V1fV9A0yy8Y2V3ffDjwR4ne8uLY60dAsLXw54iWPS5JL3Untrr6A8BWnw+079pLXPHWv+PZIfEev61ZeFLDw3ptn4a07TNd8bXngOEy6feKtmfFun6suneEtW1TT01jWbnSL7TtWsJrDUrxnURgHQ+Jta0PQbxv+ER1uaKb4o6Fcw31pqV81hDPH4RsxYeMvFq6P4lGhS67e6jbWfhjQoNVvvEEhmtZk1GxjtolvJrvyX4faD8O/C3iDVrC9bWrnXfGHgLVfBF9qvh6/wDEfjjxhbNqGoWl/qEf/CR3l/rOn+F3E2pvqP2O81zWr+a2vdItor21SwsbR7Xxo8R3XxD1e+Hhr4X6BFo+h+Ftb8+21CaCy8b3Os3XiXQrPxnodve6Zqc1pp6xRvqUMesBL3Shrulz3F5qWkwaWl7La8XfDPwx4l+F02rXPivxt4f0+98JJ4k8Vy+G/EdjqfxI8IabqUi3E8GlfZNB8V3Gr6k8+iWlrJqI1RYRHpS/2RcW+n2qwxACeOvAOhWPgPw5Y6ZYa9pXhz4VjRZfClpfXWuabrGhS+FTpvhc6nq3h/Xda0XSH0eyt9O1G1bxLY6pcmEalZa5p6kRjUT5p4z8KfDH4f33jW/8P+GvCGjeO/2ifHtlZ6np2peBfFWtW/xe8PJovh+fx6bEaClg2haPqV2VZtR1y41zw+JUvNQ1Sa8Gr3sp6eLWta/aF8aa1Y6g2qeOvhssdx8P/F3hXwx4hbw74q8PReEPGBOheI9StL97Wy002r/bT44Sz8T3sniS003w5eQ6WLO/uNNX1PxXrfwqliubLxJq/wAS7mx8JaX4T1OS68Q+Jbrwb4W8JeK59ZuobF9Z8d6bqOl2mrw6xe601rqWl6Rf6voUUfhs6ZDaLdRWtpKAeXeBofElt8NvCfhLxIPGHwT1L4ZeIvClrYeOvDsVuLjVvD2uXsHhzRpvEkutOLbUL7W9Q8ReJ7qKyWTWtP0toGvr+zF+9pBXY+K/H3w71qGXw/4L8ba38RNT1zUvCFlFr3hfxfa+GNX8ST+NPEd9YSX1pJ4AsLPUZNe8MDRpv7YM+mRLa+HrOSV72SJdUtpu+0DTNQ0Cz0lND0my+JmqeJ9Iutf8UeHtB8W3Gp/DO7urSwh8QbgfET62NOlvfFfiGO50iLR4bOefS3jnkF39htbU+E3uqeFdVlsL7xN8O9Y+HPhXwtrdz448E+ED40tdH8cP4l8VJdanqPiDXvDGiaG/iLTZbbxNrsvhHw7pVlquptez6rJeNpEUltazqAfQHh3x38NfB/jK08I2UnxIvPFOjXHiabw7Dq2sxXVrZajeXGhLqNtq3hiy1nT7+/kMfieDxAt/4p04XUOlzXuoSX9vAoK+G2fjkx+Or7w7H4U8Qf8ACPa54r+KVj4g+JXh6DxdrVz4GuNQ1/VdH0rTpPFOj6pY2eoad4g1W/tdROg+HZp5/C09uF1LTWkFzrFi6w+IllqNv/wk99ZXemeLPF+kaj4Gg1PxP4Pl12x1DwpDp19Bpml+MrefWNKfwx4pPiXT9W8OQrqniaebVL+CRbpYRf6fFa6Hx3j1u38P/CfS/A2uePvDCeDI9O1bWfHOsavo2k2X27xzqGm2Gkadb6t4h1j/AIQvxFqc+pagttdQpo/iuK30Z77TrCWz1W901pgDmvDngL4aaFo9xoVt4h8Yan/wqC2nmg1DxHd+IIfiV4MtNG8TeIrvUfG/hmI3tzfeID4tv5ZGtEjuLeDXdAtrSJ4tbk09rZ+s8SR3TeHbO70bRbr4jaX4t0HTde8Wav4WtdAh1HWvGOtPo1pF4k1r4b2Ed9PqN/4RsnhvtR1kQajdaSl3o7/2Hrs9mj2XP/HLw5pB+IPwt+Gfi200u98O3+mXekz+FFbSbG28ZXOr2eoy350jw3o/w68T3QfwZZ6XNr2gXUfiXSZrWTX/ACdVvAt0gat8MPjDaeJ/EiXvw4istK02w8CeMblPhpovhs2OreD9Xg1XVLPVNCvtZi8M2PiXS4tR1nwssXiq00TS/EetHXr6xjVLBRp8uogHs9r4D02+1rwV4N0HW/Eeu3Xwp8QQ6h4nstG8SwRX8d5e2812U8TQaHPokEemTQ+IbiN7i7sdN8T6hNpJFxZazbXV248m8D678KfhH4y8Z/Dzxr4V0vUrZL3xd8S/CV9BYnU/JUzXum6VbzeLPE+sK+g+JNGmTX9I1C7v510m0u9S02BdZ0s6tZWNzqHW/CH7SFz4R8SaDqE/gXWYPGnhmz+Mmp+G7zxh4Zi8RanoVrrCaV4M1rUtOfwzrq6hDJKJrXR77UQ9jc3L2viHSnvBa2U8vjg6/bppPxH8LaDr/jn4g6Hd3Hiy40jw94gnsNE8eaRa2PjS3bw2bKPQ43i1DTprjT7iXTte0uH+3pdB0bztS1O60yR4gDb+MTa/oP2XSrj4Sj4jx6n4jiPhDT/C/jWGdjc6b4MYafD4lW41Tw1Y/DnSre6sdP8AEdpFp39vafZ6pZm7tM63c2M1c94f1j4z2V/q+va14d0nx54x1jW7H4bXEX

Taking the "challenge" field from the above response along with the solution, it should respond now with bridges:

(bdb)∃!isisⒶwintermute:(fix/24433 *$)~/code/torproject/bridgedb ∴ ./scripts/test-moat check QSPBFMxqGi-mlxwPcjWJ7FJqY0FW0wx60B5zTM4LMWDda8VwRzKtClAsBCdVP-q8WDYD5sRj6PzDXF1hAdsOJu0M-AWokcF6nxfOg0ZadpINW3QHqtdu9Veg0j2GBjQVquyLi5LrZ2R1hNi17igQdm1xgtrLsnWbu_Ts4SCSRxBy9W6nXYkWRqnbzU2BQgbvkIKrDhbqAdhSQsWDr25tWYYRVK6k_GBSJOblJ_vRBYZdIuCC-BZVQicJM2c3j_5aj0ClApe_EacqN6CL-nk6yR9Ukw8gNQelIewvREkqbdxR6Rhiwfc059pIt9wyMQL6_yMODSpmtocui_5ecNDvSXPxE5qZiV9f-Rsg_Bh3ccFRFNpw Tvx74PMy
{"data": [{"qrcode": "data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/wAALCAFeAV4BAREA/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/9oACAEBAAA/APf6KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKz9b1vTvDmjz6tq1x9nsYNvmS7GfbuYKOFBJ5IHArj/+F2/Dz/oYf/JK4/8AjdH/AAu34ef9DD/5JXH/AMbo/wCF2/Dz/oYf/JK4/wDjdH/C7fh5/wBDD/5JXH/xuuo8N+KdG8XadJf6Hefa7WOUws/lPHhwASMOAejD86sa3reneHNHn1bVrj7PYwbfMl2M+3cwUcKCTyQOBVfw34p0bxdp0l/od59rtY5TCz+U8eHABIw4B6MPzqxret6d4c0efVtWuPs9jBt8yXYz7dzBRwoJPJA4Fcf/AMLt+Hn/AEMP/klcf/G67iwvrfU9Otr+zk8y1uokmhfaRuRgCpweRkEdax/E/jbw74O+y/2/qH2P7Vv8n9zJJu243fcU4xuXr61n6J8UvBviPWINJ0nWftF9Pu8uL7LMm7apY8sgA4BPJrsKK5/xP428O+Dvsv8Ab+ofY/tW/wAn9zJJu243fcU4xuXr61z/APwu34ef9DD/AOSVx/8AG66Dwx428O+MftX9gah9s+y7PO/cyR7d2dv31Gc7W6elZ+t/FLwb4c1ifSdW1n7PfQbfMi+yzPt3KGHKoQeCDwaz/wDhdvw8/wChh/8AJK4/+N1YsPi/4E1PUbaws9d8y6upUhhT7JONzsQFGSmBkkda2PE/jbw74O+y/wBv6h9j+1b/ACf3Mkm7bjd9xTjG5evrXP8A/C7fh5/0MP8A5JXH/wAbrY8N/ETwr4u1GSw0PVftd1HEZmT7PLHhAQCcuoHVh+dV9b+KXg3w5rE+k6trP2e+g2+ZF9lmfbuUMOVQg8EHg1Y8N/ETwr4u1GSw0PVftd1HEZmT7PLHhAQCcuoHVh+dV9b+KXg3w5rE+k6trP2e+g2+ZF9lmfbuUMOVQg8EHg12FFef/wDC7fh5/wBDD/5JXH/xuj/hdvw8/wChh/8AJK4/+N0f8Lt+Hn/Qw/8Aklcf/G6P+F2/Dz/oYf8AySuP/jdegVy/iT4ieFfCOox2Guar9kupIhMqfZ5ZMoSQDlFI6qfyrH/4Xb8PP+hh/wDJK4/+N0f8Lt+Hn/Qw/wDklcf/ABuj/hdvw8/6GH/ySuP/AI3R/wALt+Hn/Qw/+SVx/wDG69Aoooorz/42/wDJIdd/7d//AEojryT4TfCbQfHnhW61TVLvUoZ4r17dVtZEVSoRGydyMc5c9/Su7/4Zx8H/APQS1z/v/D/8ao/4Zx8H/wDQS1z/AL/w/wDxquY+InwU8N+EfAmpa5YXuqyXVr5WxJ5Yyh3SohyBGD0Y966f9nH/AJJ5qH/YVk/9FRVh3XjXUviH8QdQ+GerQWkOiz3txbtPaIy3AWAtIhDMzLkmJc/L0JxjtU8SeJLz4EajH4X8LxwXljdRDUHk1NTJIJGJjIBjKDbiJeMZyTz6V9E+I+sfFvWIPA+v21jbaZqe7zpbBHSZfLUyrtLsyj5o1Byp4J6da5/4wfDjR/h//Y39k3N9N9u8/wAz7W6NjZ5eMbVX++eue1SaT8ffFWjaNY6Xb6fozQWVvHbxtJDKWKooUE4kAzgegrq/DH/GQP2r/hK/9C/sTZ9m/sr93v8AOzu3+ZvzjylxjHU9e3lkepTfDn4m3txo6xzvpN7c28AuwWDKC8WW2lcnac8Y5/KvoP4P/EfWPiB/bP8Aa1tYw/YfI8v7Ijrnf5mc7mb+4OmO9eoV8/8A7TX/ADK3/b3/AO0a8U8NabDrPirSNLuGkWC9vYbeRoyAwV3CkjIIzg+hr2vxP/xj99l/4RT/AE3+29/2n+1f3mzycbdnl7MZ81s5z0HTv5ZJqU3xG+JtlcawscD6te21vOLQFQqkpFldxbB2jPOefyr3P/hnHwf/ANBLXP8Av/D/APGq8oufDdn4R+P2l6HYSTyWtrqthsedgXO4xOckADqx7V2/7TX/ADK3/b3/AO0a8Ar2D9nH/koeof8AYKk/9GxV6H8TvhNoOqw+IvGE93qS6glk9wI0kQRboocKMFCcfIM8+vSvAPBXjXUvAeszappcFpNPLbtbst0jMoUsrZG1lOcoO/rVPxT4kvPF3iO71y/jgjurrZvSBSEG1FQYBJPRR3r7nor4Ar3j4d/BTw34u8Cabrl/e6rHdXXm70gljCDbK6DAMZPRR3rg/hN4K03x54qutL1Se7hgisnuFa1dVYsHRcHcrDGHPb0o+LPgrTfAfiq10vS57uaCWyS4Zrp1Zgxd1wNqqMYQdvWvsOvmD9o7/koen/8AYKj/APRstd//AMM4+D/+glrn/f8Ah/8AjVH/AAzj4P8A+glrn/f+H/41R/wzj4P/AOglrn/f+H/41XjnxZ8Fab4D8VWul6XPdzQS2SXDNdOrMGLuuBtVRjCDt619h0UUUV5/8bf+SQ67/wBu/wD6UR1z/wCzj/yTzUP+wrJ/6Kir5gor6/8Ajb/ySHXf+3f/ANKI65/9nH/knmof9hWT/wBFRV5hpGt6d4c/aJ1DVtWuPs9jBquoeZLsZ9u7zVHCgk8kDgVX+NfinRvF3jKzv9DvPtdrHp6Qs/lPHhxJISMOAejD86+h/D+t6d4c+Eug6tq1x9nsYNKs/Ml2M+3ciKOFBJ5IHAry/wCJv/F4/wCy/wDhAv8Aib/2V5v2z/l38rzdmz/XbN2fLfpnGOcZFaGs63p3iD4Xx/DXS7j7R4uitLayfT9jJia3KGZfMYCP5RE/O7BxwTkZ8Q8T+CfEXg77L/b+n/Y/tW/yf30cm7bjd9xjjG5evrWfomiaj4j1iDSdJt/tF9Pu8uLeqbtqljyxAHAJ5Ndh/wAKS+If/Qvf+Ttv/wDHK+h7+xuNM+BVzYXkfl3Vr4aeGZNwO11tiGGRwcEHpXjHwL8beHfB39vf2/qH2P7V9n8n9zJJu2+Zu+4pxjcvX1r3/Xf+Km+Hmp/2R/pP9p6VL9j/AIPN8yI7PvYxncOuMZ5xXj/wy/4s5/an/Ce/8Sj+1fK+x/8ALx5vlb9/+p37ceYnXGc8ZwawPG3gnxF8RvF994r8Kaf/AGhol/5f2a686OLfsjWNvkkZWGHRhyB0z0rv/gX4J8ReDv7e/t/T/sf2r7P5P76OTdt8zd9xjjG5evrXEfGD4d+KtQ8ba/4ltdK8zSFiSY3H2iIYSOBA52lt3G1u3OOK838MeCfEXjH7V/YGn/bPsuzzv30ce3dnb99hnO1unpX1P8PLG48E/Cizh8Qx/YpNOiuJrobhJ5aCSSTPyZz8pzxn868w+NfxE8K+LvBtnYaHqv2u6j1BJmT7PLHhBHICcuoHVh+da/wt+KXg3w58ONJ0nVtZ+z30HneZF9lmfbumdhyqEHgg8GvSPDfxE8K+LtRksND1X7XdRxGZk+zyx4QEAnLqB1YfnVfW/il4N8OaxPpOraz9nvoNvmRfZZn27lDDlUIPBB4Neb/BT4d+KvCPjK8v9c0r7Jayae8Kv9oiky5kjIGEYnop/KvSNb+KXg3w5rE+k6trP2e+g2+ZF9lmfbuUMOVQg8EHg18keG/C2s+LtRksNDs/td1HEZmTzUjwgI

Please let me know if this works for you!

The fix is in my fix/24433 branch which I've already merged into the develop branch.

comment:2 Changed 21 months ago by isis

Actually, heh. From the above output, there's another bug (although it shouldn't stop testing). It's giving a QR when we said we didn't need one. I guess it's nice to know the server is enthusiastic about sending images anyway (and that it works). I've made #24443 for that.

comment:3 Changed 21 months ago by isis

Summary: moat isn't returning bridges on successful CAPTCHA completion?moat isn't returning bridges on successful CAPTCHA completion

comment:4 Changed 21 months ago by isis

Actual Points: .5

comment:5 Changed 21 months ago by mcs

It looks like this is working when I use the test-moat script now. Yay!
I assume that "X-Forwarded-For" will be automatically inserted by the front server. For now, to proceed with integration, we can add it manually like you did in test-moat.

comment:6 Changed 21 months ago by mcs

Kathy and I worked on integration some more and noticed the following issues (please let is know if you want us to open new tickets):

  • The spec in README.rst needs to be updated. General issues are that single quotes should be replaced with double quotes and that all JSON values should be enclosed in quotes (e.g., the id value is not).
  • For the /fetch request, the type is specified as moat-transports but the implementation uses client-transports. For consistency with the other type values you may want to use moat-transports.
  • The data payload is specified as an object but the implementation uses an array. This is permitted by the JSON API specification but seems unnecessary for the moat protocol (since each request and response only includes one JSON object).

comment:7 Changed 21 months ago by intrigeri

Cc: anonym intrigeri added

comment:8 in reply to:  6 ; Changed 21 months ago by isis

Replying to mcs:

Kathy and I worked on integration some more and noticed the following issues (please let is know if you want us to open new tickets):

Hi! Thanks for the review!

  • The spec in README.rst needs to be updated. General issues are that single quotes should be replaced with double quotes and that all JSON values should be enclosed in quotes (e.g., the id value is not).

Fixed in 8d8db4a0

  • For the /fetch request, the type is specified as moat-transports but the implementation uses client-transports. For consistency with the other type values you may want to use moat-transports.

50a9321f

  • The data payload is specified as an object but the implementation uses an array. This is permitted by the JSON API specification but seems unnecessary for the moat protocol (since each request and response only includes one JSON object).

We can change it back to a single object if you think that's better. My reasoning was:

  1. I totally read the spec wrong and I thought it said they had to be arrays, and
  2. future-compatibility, in case we decided at some point that providing the user with more messages/errors might be helpful (e.g. if there is some non-fatal error which we might want to return/log/display on the client-side, but we're still also going to return bridges/captchas).

comment:9 in reply to:  8 ; Changed 21 months ago by isis

Actual Points: .51
Resolution: fixed
Status: needs_reviewclosed

Replying to isis:

Replying to mcs:

  • For the /fetch request, the type is specified as moat-transports but the implementation uses client-transports. For consistency with the other type values you may want to use moat-transports.

50a9321f


Oops, I believe the original behaviour was actually correct: the client, when requesting /fetch, sends a "type": "client-transports". The server, when responding to that request, iff there was no overlap in which transports are supported, sends "type": "moat-transports" to let the client software know which types it does have available.

I've reverted 50a9321f.

Closing as fixed; fingers crossed nothing else is broken.

comment:10 in reply to:  8 Changed 21 months ago by mcs

Replying to isis:

  • The data payload is specified as an object but the implementation uses an array. This is permitted by the JSON API specification but seems unnecessary for the moat protocol (since each request and response only includes one JSON object).

We can change it back to a single object if you think that's better. My reasoning was:

  1. I totally read the spec wrong and I thought it said they had to be arrays, and
  2. future-compatibility, in case we decided at some point that providing the user with more messages/errors might be helpful (e.g. if there is some non-fatal error which we might want to return/log/display on the client-side, but we're still also going to return bridges/captchas).

My argument is that using arrays just makes the code a little more complicated, and on the client side we are always going to send a one-element array for requests and we are going to use data[0] when handling each response. But let's just use arrays since that is what is already implemented.

Please update the spec when you have time.

comment:11 in reply to:  9 Changed 21 months ago by mcs

Replying to isis:

Oops, I believe the original behaviour was actually correct: the client, when requesting /fetch, sends a "type": "client-transports". The server, when responding to that request, iff there was no overlap in which transports are supported, sends "type": "moat-transports" to let the client software know which types it does have available.

I've reverted 50a9321f.

Ah, that makes sense. Sorry for the false alarm.

Note: See TracTickets for help on using tickets.