Remove newassets from iframe selector

[mikedidomizio]

This change removes the subdomain newassets from the iframe selectors. The reason for the change is because the Cloudflare pages that I've seen on https://boxrec.com and https://www.escapefromtarkov.com/registration, both had iframes without newassets. When the package tries to get the iframe, it'll fail. This makes the selector for iframe less strict and prone to breakage.

I believe BoxRec didn't have a subdomain (didn't take screenshot), where the Tarkov website was instead under cf-assets as can be seen below.

None of the iframes include newassets subdomain

Everything else seems to be the same, like the version from JWT, it's still newassets. The only thing that could potentially need updating is the Origin for the checksiteconfig endpoint. I did see it with cf-assets. I've left it as is for now, it worked unchanged.

cf-assets in the Origin, where this package I've left as newassets

Also while I'm here, do you know if there's a surefire way to re-trigger the Cloudflare captcha pages on websites? I've passed the Cloudflare check on a certain website and I'd like to be able to go back to it.

Thanks

[aw1875]

I'm assuming this doesn't break any other sites but I haven't had a minute to pull it down and run a test yet. Any chance you can confirm this for me? I plan on running some tests later today regardless and if all is fine (which I fully expect based on the changes) I'll merge the code.

[mikedidomizio]

The only other site I've tested against that has an hcaptcha is from the playwright-hcaptcha-solver repo README that has https://democaptcha.com/demo-form-eng/hcaptcha.html, this still does use newassets. It is not a Cloudflare page.

I think it's just the Cloudflare pages that load up the cf-assets subdomain (... which makes sense).

This is the iframe from the demo site above (no Cloudflare).

This is the iframe from the Tarkov site (Cloudflare).

and a compare of the two. Nothing important really but had to share.

I wish I knew of more sites to test against.

Here are my steps to reproduce that this fixes it:

• Load up master branch
• Run against tarkov website (or boxrec if you can trigger it)

Expected result:

• Get token

Actual result:

• Times out as it can't find the iframe

Repeat the steps above, but again against the demo site or the hcaptcha on hcaptcha.com

[aw1875]

Looks great thanks for the changes! Ran through a few tests both headless and headful including cloudflare sites and it seems to be solid so appreciate the modifications.