What are the consequences of executing #JavaScript from cdnjs.cloudflare.com? I don't trust CF in general & try not to connect to them, so then I went to this link instead of the original: https://web.archive.org/web/www.ran.org/wp-content/uploads/2021/03/Banking-on-Climate-Chaos-2021.pdf#page=7 That avoids #Cloudflare. But why did the PDF load?
The original URL would not give the PDF without running CF JS. Yet archive.org avoids CF JS. Is archive.org simply delivering copies of the CF JS as though it's first-party #javascript?
@resist1984 Archive.org archives the whole website including stylesheets, script files and images. So you load the same JS file from web.archive.org instead of CF.
@resist1984 Actually it's not exactly the same, archive.org seems to make some modifications.
@t0k well it seems there is no viable option. Once I knew the full PDF URL, it's fine because the js doesn't block a direct download (i can load the PDF in a non-js browser). But apparently executing the js is mandatory if you only know the parent URL that contains the pdf link (https://www.ran.org/bankingonclimatechaos2021/)
@resist1984 I just managed to. Again, open the source code of the page, search for 'pdf'. Then right-click on the desired link -> Copy Link Location. Paste the link in the URL bar and enjoy the PDF :)
@t0k when viewing this: view-source:https://www.ran.org/bankingonclimatechaos2021/ searching for pdf only has 3 hits, and none of them are "Banking-on-Climate-Chaos-2021.pdf"
@t0k apparently the CF JS must be executed in order to reveal the URL
@t0k #RAN is trying to be clever. Notice that if you go to last year's report (https://www.ran.org/bankingonclimatechaos2020/) it interrupts with "don't you want the most recent report?" They're imposing CF JS to intercept visits to old docs. It's a shame they use js for that.
