hey thanks for the submission
however, there seems to be a flaw in this implementation:
a regular Firefox user in london with a maximized window could match 2 out of 3 indicators and be incorrectly ...
Either way, detecting the Tor browser isn't enough. Since most Tor nodes lack TLS, you'll encounter CORS and mixed content issues when trying to request .onion endpoints. The best solution is to host your frontend on Tor itself, this is the industry standard, as you've likely seen on many websites that display an ".onion available" option. Here's how to implement it, since you seem to be hosting your pages on Cloudflare:
Implement Onion-Location Header on Cloudflare
Context: We need to configure the server to return an `Onion-Location` header. Since we are on Cloudflare, we cannot edit a standard Nginx/Apache config file directly. Please choose Option A (if using Cloudflare Pages) or Option B (if using standard Cloudflare proxy/CDN) below.
Option A: If using Cloudflare Pages (Static Site Deployment)
1. Navigate to the local project repository.
2. Create a new file named `_headers` inside the **output directory** (often called `public`, `dist`, or `build`).
* *Note: It must be placed in the root of the folder that gets uploaded to Cloudflare, not necessarily the root of the source code.*
3. Add the following code block to the `_headers` file:
```text
/*
Onion-Location: http://YOUR-ONION-ADDRESS.onion
```
4. Commit and push the changes to trigger a new deployment.
Option B: If using Standard Cloudflare CDN (DNS Proxy)
1. Log in to the Cloudflare Dashboard.
2. Select the specific website/domain.
3. Go to **Rules** > **Transform Rules**.
4. Click **Modify Response Header** and then **Create Rule**.
5. **Rule Name:** Enter "Onion Location Redirect".
6. **Incoming Request:** Match when:
* Field: `Hostname`
* Operator: `equals`
* Value: `www.your-domain.com` (or the specific domain being used).
7. **Outgoing Response:** Set **Static**:
* Header Name: `Onion-Location`
* Value: `http://YOUR-ONION-ADDRESS.onion`
8. Click **Deploy**.
---
### Verification (Required)
Once the deployment or rule is live, please verify the setup:
1. Open the **Tor Browser**.
2. Navigate to our standard website (`https://...`).
3. Check the address bar for a small, purple/green "onion" icon on the right side.
4. Click the icon and confirm it offers to switch to the `.onion` version.
Implement Onion-Location Header on Cloudflare
Context: We need to configure the server to return an `Onion-Location` header. Since we are on Cloudflare, we cannot edit a standard Nginx/Apache config file directly. Please choose Option A (if using Cloudflare Pages) or Option B (if using standard Cloudflare proxy/CDN) below.
Option A: If using Cloudflare Pages (Static Site Deployment)
1. Navigate to the local project repository.
2. Create a new file named `_headers` inside the **output directory** (often called `public`, `dist`, or `build`).
* *Note: It must be placed in the root of the folder that gets uploaded to Cloudflare, not necessarily the root of the source code.*
3. Add the following code block to the `_headers` file:
```text
/*
Onion-Location: http://YOUR-ONION-ADDRESS.onion
```
4. Commit and push the changes to trigger a new deployment.
Option B: If using Standard Cloudflare CDN (DNS Proxy)
1. Log in to the Cloudflare Dashboard.
2. Select the specific website/domain.
3. Go to **Rules** > **Transform Rules**.
4. Click **Modify Response Header** and then **Create Rule**.
5. **Rule Name:** Enter "Onion Location Redirect".
6. **Incoming Request:** Match when:
* Field: `Hostname`
* Operator: `equals`
* Value: `www.your-domain.com` (or the specific domain being used).
7. **Outgoing Response:** Set **Static**:
* Header Name: `Onion-Location`
* Value: `http://YOUR-ONION-ADDRESS.onion`
8. Click **Deploy**.
---
### Verification (Required)
Once the deployment or rule is live, please verify the setup:
1. Open the **Tor Browser**.
2. Navigate to our standard website (`https://...`).
3. Check the address bar for a small, purple/green "onion" icon on the right side.
4. Click the icon and confirm it offers to switch to the `.onion` version.
2❤️2
