Skip to content
This repository has been archived by the owner on Feb 6, 2023. It is now read-only.

Draftjs.org is blocked in India #3086

Open
jeswinsimon opened this issue Nov 26, 2021 · 8 comments
Open

Draftjs.org is blocked in India #3086

jeswinsimon opened this issue Nov 26, 2021 · 8 comments

Comments

@jeswinsimon
Copy link

Do you want to request a feature or report a bug?

Issue affecting the documentation site. Raising this here as there is no separate repo for the documentation site.

What is the current behavior?

Visiting drafts.org from India displays a blocked notice.

Screenshot 2021-11-26 at 9 48 04 AM
@pk058
Copy link

pk058 commented Nov 29, 2021

I am also facing this same issue

@rksharma95
Copy link

I am not facing any issue visiting draftjs.org here in india. it must be some temporary issue. @pk058 can you check it again.

@jeswinsimon
Copy link
Author

I am not facing any issue visiting draftjs.org here in india. it must be some temporary issue. @pk058 can you check it again.

Still the same.

@rishav-jha-mech
Copy link

I am also facing the same issue

idk why this is happening, even after using VPN i am getting the same page.

@ujjwalchadha8
Copy link

I am also facing the same issue. Using VPN is the only way it seems.

@tamilvendhank-helptap
Copy link

I am also facing this issue.

@maniSHarma7575
Copy link

I'm also facing the same issue.

@captn3m0
Copy link

👋🏽. I've been documenting this issue across multiple websites.

Here's why this is happening: https://github.com/captn3m0/hello-cloudflare/

Here's how to fix it (Only takes a minute): https://github.com/captn3m0/hello-cloudflare/#help-my-website-is-blocked

Here's a curl log that demonstrates the issue (note that this happens even over HTTPS, because the MITM happens between CloudFlare and GitHub Pages.

curl -vvv https://draftjs.org
* Rebuilt URL to: https://draftjs.org/
*   Trying 104.21.66.176...
* TCP_NODELAY set
* Connected to draftjs.org (104.21.66.176) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Unknown (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Client hello (1):
* TLSv1.3 (OUT), TLS Unknown, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com
*  start date: Jun 27 00:00:00 2021 GMT
*  expire date: Jun 26 23:59:59 2022 GMT
*  subjectAltName: host "draftjs.org" matched cert's "draftjs.org"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* Using Stream ID: 1 (easy handle 0x55e803a64620)
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> GET / HTTP/2
> Host: draftjs.org
> User-Agent: curl/7.58.0
> Accept: */*
>
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< HTTP/2 200
< date: Mon, 10 Jan 2022 05:13:59 GMT
< content-type: text/html
< pragma: no-cache
< cache-control: no-cache
< cf-cache-status: DYNAMIC
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9b59OO5ftR%2BjQEW%2B7GrTuoU6D6aI2FuZlFeYt1ZrV5CK%2BOFipm5dKEJhsmO64ZcPyc8D63xi2YDRMfX%2B3zZwa0tCXDpXSwC26X5eU%2FVJv2cHiOvJzK48sKe0oXi%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 6cb36b5529171d89-BLR
< alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
<
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* Connection #0 to host draftjs.org left intact
<meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0"/><style>body{margin:0px;padding:0px;}iframe{width:100%;height:100%}</style><iframe src="https://www.airtel.in/dot/" width="100%" height="100%" frameborder=0></iframe>

To everyone reporting that they don't see it blocked, since the site is hosted on Cloudflare, you need to hit one of the POPs (edge locations) that are peered with Airtel for the block to occur. The DEL POP is known to do this much more.

It is reproduced more reliably if you are on an Airtel Broadband/Mobile connection (and remember to disable all DoH/VPN etc).

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@captn3m0 @jeswinsimon @ujjwalchadha8 @maniSHarma7575 @pk058 @rishav-jha-mech @rksharma95 @tamilvendhank-helptap