‘revoke consent’ popup blocks buttons on mobile

arrall

arrall

Bluelight Crew
Joined
Sep 7, 2020
Messages
6,726
Location
Outer Space
The ‘revoke consent’ popup on the homepage is not super clear on how to exit and keeps popping up.
Someone using the site for the first time probably wouldn’t be able to get to the forums on Safari iOS.
 
@alasdairm could the admin team take a look at this?
still having this issue and it would likely be impossible for a new user to access the site on mobile
I can take screenshots/a screen recording if that helps
 
i am unable to reproduce this (i access bl using safari on an iphone frequently).

can you list the steps to get there and also post a screenshot please. and thank you.

alasdair
 
I don't know if the problem you are referring to is what I noticed but when I go the webpage to sign in, the login briefly shows in the lower right corner ( as always) but then it's been instantly covered up by the revoke consent message. This has been going on for a week or two. It had me confused at first but then I found that all I had to do was click on Forums to log in. An extra and obscure step, I thought maybe to mess up bots or something. But yeah, odd.
 
i did some reading on this.

try clicking on the "cookies" link in the forum footer which should reopen the consent banner and allow you to confirm your preference.

alasdair
 
alasdairm said:
i did some reading on this.

try clicking on the "cookies" link in the forum footer which should reopen the consent banner and allow you to confirm your preference.

alasdair
Click to expand...
When I confirm my preferences on mobile, the revoke consent banner pops up and can’t be removed. Clicking revoke consent just brings cookies back and vice versa.
 
Try to look for a Disable 'pop up ' Toggle somewhere ... then click the disable choice ? Maybe. :unsure:

Like in a top or bottom corner somewhere. Then just ' Disable ' it.

You have to clear it and disable. Or it will ' pop up '

( and i'm just saying that helps sometimes. gets rid of it )
 
arrall said:
When I confirm my preferences on mobile, the revoke consent banner pops up and can’t be removed. Clicking revoke consent just brings cookies back and vice versa.
Click to expand...
Might not be the same but try what I did: when I open up the Blue light page, I click on the 3 parallel lines in the upper right hand corner, then choose Forums. At that point I have the unobscured opportunity to log in. It's a couple extra clicks but it's easy.
Of course, there is probably another way to fix the problem, that Kiely and Alister know about, but it works for me
 
Last edited:
Or ..... UTSE !!!

with love ❤️‍🔥

You've got this bb. I know you do !!

💙

Let us know ! ;)
 
alasdairm said:
can you post a screenshot pls.

alasdair
Click to expand...
I took a video, what is a good way to send it to you?
Is email ok?


chippermonk said:
Might not be the same but try what I did: when I open up the Blue light page, I click on the 3 parallel lines in the upper right hand corner, then choose Forums. At that point I have the unobscured opportunity to log in. It's a couple extra clicks but it's easy.
Of course, there is probably another way to fix the problem, that Kiely and Alister know about, but it works for me
Click to expand...
A new user won’t know how to do this.
 
Last edited:
I have a Samsung S24+, I am using the penultimate version of Samsung Internet Browser(Stable), and I can login without confirming any cookies consent, from two points:

A) By clicking the conext menu and selecting forums and by the main-page before the actual forum, and none points me to revoke/accept anything. I am using AdGuard+Home, and I could had face this issue if it was a login problem, where the users must accept/customize cookies but I don't, same applies to my personal computer too.

Now on Apple system things differ because of how restrictive the storage space itself is. You could potentially try to make sure "Block cookies" is disabled within the main browser, or check the cross-site settings.

Uh, this is the way Apple always was. They got something against first/third party cookies, and globally reinforce to make it so secure, that sometimes it just breaks website entirely. Alternative? Microsoft Edge.

Behaves very competently, I know because my wife has a IPhone 15 and I've installed this, and she says its as fast as Safari.

From my point of view, MS Edge is a secure browser, where other Chromium-forks often fail to meet the end criterias. Also happens to be on Apple, yay :)
 
I feel it worth mentioning a known and unresolved issue with ALL mobile devices.

The SIM card itself IS a tiny microcontroller (a CPU with flash-RAM and I/O all on one chip) and JavaCard is not secure. One thing that can ameliorate this matter is to change the PIN code of the SIM, not use the one provided. Why? Because an OTA attack can return the serial number and in some cases that can provide the issued PIN.

As it is, roaming is depricated - if you travel, buy another SIM. Why? Because SS7 is available to anyone who pays - essentially they can 'partner' with your proivider then do everything from geolocation to phonejacking. Smishing IS a thing.

Almost all SIMs contain some manner of ARM-based processor and Javacard leaves bytecode $FF as 'user defined' and in the case of ARM-based CPUs this switches it from Jazelle into whatever it's native instruction-set is. I designed a single 48-bit long string that switches to Thumb if not already in Thumb (i.e. If it IS an M0 based CPU, it performs three harmless Thumb instructions). Spooky as MALLOC works in 256 byte chunks so a malicious applet could smuggle in an additional 125 Thumb instructions. Enough to hijack the OS.

I did it purely out of interest but even the SC300 is not as secure as one might presume.

I left out a detail on the CONDITION for that $ff to be a RETURN but if you know, you KNOW.
 
Last edited:
You're partially right, but let's defuse this bomb together.

Apple SIM's lockdown controls this stack directly via extremely microcontrolled stacks. If an app tries to gain any control over, it is denied because it takes 4 layers of security to reach the SIM. So essentially it is vulnerable to SS7 but not as much as Android, though any network powered device with sim it is. I invite you to read Google's Project Zero analysis into apple area. They fairly detailed as much as possible for both enterprise and power-users to understand what we're dealing with.

I must mention... eSIM is not immune but it removes the old gate probes that's been used in the past, such as Java, to hijack potential radio frequencies or remote controllers, used by traffic lights. These are examples I had offered so you understand in layman terms, that these exists only in isolated cases, on eSIM. Only if you're dealing with a out of security update ROM or even modified illegal open-source OS's.

And it is not related to what arral asked in the first place. I appreciate that some are aware of vintage and 2010's methods that still gives lights out in very sad cases, but isn't a daily factor ;)

what are, is the modified apps/os.

if were talking off the grid, there's a huge blind vast amount of users who use Opera, Firefox.. Chrome, so on. Generic lagging GNOME browsers :)

These are designed to fail. If users are to educate themself some more, they would use Edge. But no! It's Microslop...
 
4DQSAR said:
FUTURE - not NOW.
Click to expand...
Most people replace their phones every 1-2 years because they lease them. I purchased a phone in 2016 that would be perfectly fine for use today if the vendor (Samsung) didn't cut off all support within about 4-5 years of purchase. First they stop shipping OS/kernel updates. Then they stop letting you update the apps. Then they cut you off from the cell network even if the network didn't really change (99% of phones claiming to support "5g" don't even ship with the proper radio to use those frequencies. But the GUI will lie to you about it all day).

That phone has been reduced to an alarm clock. It still worked for browsing the web over wifi until a couple of years ago. But all major websites now pull javascript/css from a handful of providers (usually google) which no longer support the browser engines I can install on that phone.

Third party kernels/OS ROMs won't help you either because all those communities drop support for older devices just as quickly as the vendors do. Phones are a scam and frankly anyone using one deserves what they get. Which is why I no longer carry one despite writing a ton of the code that makes them function (well I did, until they kicked all of us old timers out of contributing to the Linux kernel a few years ago).

I don't wish to get into a long discussion about the technical stuff mentioned above. I have a policy about not bothering with helping people with their phones now. Since they're all vendor locked and designed to be thrown in the garbage after a couple of years of use now. Well that and the fact that their main purpose is to spy on the end user. If you think the SIM card is bad you should learn about what the baseband chip is doing. The baseband chip is the FCC mandated backdoor into every cell phone.

Even the dumb phone I purchased to use on a trip in 2019 or so stopped working with the cell network within a couple of years of purchase. The burner phones are just as bad as the Apple/Android stuff.

As far as the actual point OP is attempting to debug ITT. It's most likely the result of the cloudflare and/or google embedded javascript being used on modern bluelight. Perhaps try blocking the third party javascript and see if it goes away. I'm not sure if posting or even browsing is possible without it. On most "modern" sites it isn't. But given this place is powered by xenforo it should work. I'll test it in a bit myself and see if I can force the mobile design to work within my desktop browser. But it wouldn't surprise me if things don't work at all without the third party javascript since I haven't kept up with xenforo development in many years now.

You could also just nuke the pop up with ublock origin if it bothers you. I've nuked a ton of stuff on here because it was annoying. But I understand most users aren't going to write a custom style sheet and go to the level of blocking third party scripts that I have. The only reason cloudflare and google can even load in my browser at all is because 99% of the web refuses to function without those embeds at all anymore. Cloudflare is simply a global man-in-the-middle attack to by-pass the protection the HTTPS protocol was designed to give you between your browser and the origin website. Anything going through cloudflare is not encrypted at all. Since the website owner has to hand them the encryption keys to make the "ddos protection" work.
 
You must log in or register to reply here.
Top