#1748 Privoxy unable to log into Playstation Network website

[Matt M.]

This one's possibly a filter issue, but I'm keeping it open-minded to be something else altogether. I've been using Privoxy over the last couple of months on a server at a local game store I work at. We previously used Squid on an old server before it was replaced with a new one. Privoxy, by and large, has been suiting our needs quite well, and much of the setup is very reminiscent of older versions of Squid (especially with whitelisting sites, and I'm grateful for this!).

That being said, there's one particular instance I've come across that's a bit... odd. A couple of new customers are looking to play Fortnite on a couple of the computers on the LAN, and are looking to log in via Playstation Network accounts. The Epic Games Launcher loads just fine, but when anyone tries to click on "Sign In With Playstation Network", it gives "An error occurred during communication with the server." on the page itself while mostly loading the rest of the page (see the PrivoxyEnabled.PNG attachment). When Privoxy is removed from Internet Options -> Connections tab -> LAN Settings, the login prompt comes up without a problem. This does happen regardless of either Edge or Chrome being used.

I ran the login page through http://config.privoxy.org/show-url-info (it's lengthy and below), and it came back with the following. My local game store's server name and IP address were removed for safety reasons as I don't wish to freely give that out. By and large, we're running on default settings, outside of an additional forwarding rule for a system that runs a security camera system. I'll be poking at things over the next few hours while we're still opened, but I'll gladly take any advice as to what could be changed to resolve this.

---

This is Privoxy 3.0.33 on SERVERNAME (SERVERIPADDRESS), port 8118, enabled
Forwarding settings:
Requests for https://my.account.sony.com/central/signin/?client_id=559bf940-f58b-41b4-9c4d-f60a5019f885&redirect_uri=https%3A%2F%2Faccounts.epicgames.com%2FpsnAuthorized&state=eyJpZCI6ImE4ZjAzOWYzYTllMjQyMDI4ZmI1MmJlNGJjZjBjZDVjIiwibG9naW5SZXF1ZXN0SWQiOiIyYjhlOTc2YjZiNzA0MGYwYmY4MTZlMmY1NjJkYzBiNiJ9&scope=psn%3As2s&service_entity=urn%3Aservice-entity%3Apsn&force_verify=true&response_type=code&display=popup&ui=pr&cid=a8c1c05c-ade2-4331-87c6-c9b8d2223987&error=login_required&error_code=4165&no_captcha=false#/signin/ca?entry=ca will be made directly, no forwarding settings apply.

Matches for https://my.account.sony.com/central/signin/?client_id=559bf940-f58b-41b4-9c4d-f60a5019f885&redirect_uri=https%3A%2F%2Faccounts.epicgames.com%2FpsnAuthorized&state=eyJpZCI6ImE4ZjAzOWYzYTllMjQyMDI4ZmI1MmJlNGJjZjBjZDVjIiwibG9naW5SZXF1ZXN0SWQiOiIyYjhlOTc2YjZiNzA0MGYwYmY4MTZlMmY1NjJkYzBiNiJ9&scope=psn%3As2s&service_entity=urn%3Aservice-entity%3Apsn&force_verify=true&response_type=code&display=popup&ui=pr&cid=a8c1c05c-ade2-4331-87c6-c9b8d2223987&error=login_required&error_code=4165&no_captcha=false#/signin/ca?entry=ca:
In file: match-all.action View Edit
{+change-x-forwarded-for{block}
+client-header-tagger{css-requests}
+client-header-tagger{image-requests}
+client-header-tagger{range-requests}
+hide-from-header{block}
+set-image-blocker{pattern} }
/
In file: default.action View Edit
{-block }
/.*account
In file: user.action View Edit
(no matches in this file)
Final results:

+change-x-forwarded-for{block}
+client-header-tagger{css-requests}
+client-header-tagger{image-requests}
+client-header-tagger{range-requests}
+hide-from-header{block}
+set-image-blocker{pattern}

-add-header
-block
-client-body-filter
-client-header-filter
-content-type-overwrite
-crunch-client-header
-crunch-if-none-match
-crunch-incoming-cookies
-crunch-outgoing-cookies
-crunch-server-header
-deanimate-gifs
-delay-response
-downgrade-http-version
-fast-redirects
-filter
-force-text-mode
-forward-override
-handle-as-empty-document
-handle-as-image
-hide-accept-language
-hide-content-disposition
-hide-if-modified-since
-hide-referrer
-hide-user-agent
-https-inspection
-ignore-certificate-errors
-limit-connect
-limit-cookie-lifetime
-overwrite-last-modified
-prevent-compression
-redirect
-server-header-filter
-server-header-tagger
-session-cookies-only
-suppress-tag

[Matt M.]

Attached here is what it looks like when Privoxy is disabled.

[Matt M.]

One of the things I have been trying has been trying to update the default.action file, specifically in the {-fast-redirects} section. I've tried adding the following to the end of it to no effect (restarting Privoxy and refreshing the page, too, for clarification):

# URL = https://my.account.sony.com/central/signin/?client_id=559bf940-f58b-41b4-9c4d-f60a5019f885&redirect_uri=https%3A%2F%2Faccounts.epicgames.com%2FpsnAuthorized&state=eyJpZCI6ImE4ZjAzOWYzYTllMjQyMDI4ZmI1MmJlNGJjZjBjZDVjIiwibG9naW5SZXF1ZXN0SWQiOiIyYjhlOTc2YjZiNzA0MGYwYmY4MTZlMmY1NjJkYzBiNiJ9&scope=psn%3As2s&service_entity=urn%3Aservice-entity%3Apsn&force_verify=true&response_type=code&display=popup&ui=pr&cid=a8c1c05c-ade2-4331-87c6-c9b8d2223987&error=login_required&error_code=4165&no_captcha=false#/signin/ca?entry=ca
my.account.sony.com/.*redirect_uri=https

[Fabian Keil]

Please reproduce the problem with logging configured as suggested at
https://www.privoxy.org/user-manual/contact.html
and provide a log excerpt.

[Matt M.]

Here's the log, as requested. Edit: with the attachment this time!

[Fabian Keil]

The log shows a couple of crunched requests:

fk@t520 /tmp $privoxy-log-parser.pl --shorten-thread-ids privoxy.log | grep Crunch
18:59:42.370 008 Crunch: Untrusted: config.edge.skype.com:443
18:59:42.488 010 Crunch: Untrusted: www.bing.com:443
18:59:42.712 012 Crunch: Blocked: tracking.epicgames.com:443
18:59:43.422 019 Crunch: Untrusted: www.google.com:443
18:59:43.434 020 Crunch: Untrusted: www.google.com:443
18:59:45.291 025 Crunch: Untrusted: client-api.arkoselabs.com:443
18:59:45.321 026 Crunch: Untrusted: eventcom.api.np.km.playstation.net:443
18:59:45.343 028 Crunch: Untrusted: eventcom.api.np.km.playstation.net:443
18:59:45.357 031 Crunch: Untrusted: eventcom.api.np.km.playstation.net:443
18:59:45.367 032 Crunch: Untrusted: s.btstatic.com:443

It seems likely that some of them are actually required.

I'd start by adding eventcom.api.np.km.playstation.net as trusted, after that I'd try unblocking tracking.epicgames.com.

[Matt M.]

Still no dice after making the changes. Fresh log has been added.

[Fabian Keil]

Does it help if you unblock the two remaining domains?

fk@t520 /tmp $privoxy-log-parser.pl --shorten-thread-ids privoxy.log | grep Crunch
15:51:56.104 015 Crunch: Untrusted: client-api.arkoselabs.com:443
15:51:56.168 021 Crunch: Untrusted: s.btstatic.com:443

[Matt M.]

It was adding ~.arkoselabs.com to it that was the last thing needed for this. So the final resolution to this is the following...

1) Adding the following entries to trust.txt
~.playstation.net
~.arkoselabs.com
2) Remove tracking from (if I remember right) the default.action file under "Generic block patterns by host" section.

Thanks for the help, @fabiankeil!

[Fabian Keil]

You're welcome. Thanks for posting the solution.