blocked with 200 status code: "JavaScript is disabled in your browser."

[pajod]

Describe the bug
My bookmark for searching on pypi stopped working. For a GET request to https://pypi.org/search/?q=%s I get a cloudflare-esque virtual middle finger, despite the 200 status code.

Expected behavior

• usually: a search result list (status 2xx)
• possibly: a redirect to the single result (status 3xx)
• failing either: an error page with a link to https://status.python.org/ (status 4xx)

To Reproduce

• origin & rate does not appear to matter, problem even affects networks that did not send any requests this month
• the page may or may not redirect, in a browser that complies with whatever fastly wants it to do (additional javascript, fetching which results in an empty 400 response)

My Platform

• reproduced using curl 8.11.1 and Firefox 128.5.2esr

Additional context

• related: Get rid of as much JavaScript as possible #7329
• related: linkcheck in CI is broken on PyPI URLs with anchors pypa/packaging.python.org#1744
• some error messages would clarify the author, if only the fastly logo img src was specified with a leading slash
• the status page, which is more prominently linked than this issue tracker, does not mention the degradation

Specific message depends on the outcome of some obfuscated javascript:

• "Please enable JavaScript to proceed."
• "Please enable cookies to continue."
• "Oops, something went wrong."
• "is verifying your browser..."
  

[miketheman]

Please see this thread that explains what changed and why. https://discuss.python.org/t/fastly-interfering-with-pypi-search/73597/6

[mwoehlke-kitware]

I had to unblock the fastly-insights.com domain, which is blocked by default by whatever security/privacy blacklists I have configured. I understand the need to protect the service, but maybe using a service that doesn't have a reputation as "harmful" would be a good idea...