Comments (7)
thats not a ws host, i check that by wire shark, its send host 3 times to server, 2 times fake host and one time in middle the true host
from xray-core.
Multiple host headers?
If it could pass through, it might be a bug.
I need to talk this with cloudflare engineer
from xray-core.
The host in WS request can already be set (see doc)
By the way, I didn't understand what you were saying. It's known that IFW will block HTTP connections to cloudflare, so what's the use of setting up a host
from xray-core.
"headers": {
"Host": "",
"Host": "",
"Host": "",
"Host": ""
}
from xray-core.
There are many bugs like this in iranian DPI, across ISPs. Some of them do not require any specific behavior from cloudflare and are compatible with more CDNs. They are all trivial to patch by the censor, and so it should not be widely promoted.
I know this was an argument against fragment as well, but this new method used in Mahsa is much easier to patch, it does not require additional resources such as a TCP reassembly buffer.
If somebody opens a PR for this anyway (despite the issue being closed), I would urge you to implement a more generic feature, like injecting arbitrary bytes between GET / ..
and the first HTTP header, instead of implementing a specific feature that documents the exact bypass really well and helps censors.
PS: Also, general support for "multiple host headers" isn't sufficient to implement this particular bypass.
from xray-core.
There are many bugs like this in iranian DPI, across ISPs. Some of them do not require any specific behavior from cloudflare and are compatible with more CDNs. They are all trivial to patch by the censor, and so it should not be widely promoted.
I know this was an argument against fragment as well, but this new method used in Mahsa is much easier to patch, it does not require additional resources such as a TCP reassembly buffer.
If somebody opens a PR for this anyway (despite the issue being closed), I would urge you to implement a more generic feature, like injecting arbitrary bytes between
GET / ..
and the first HTTP header, instead of implementing a specific feature that documents the exact bypass really well and helps censors.PS: Also, general support for "multiple host headers" isn't sufficient to implement this particular bypass.
i'm not an expert, i'm an end user and as you say multiple host didnt solve my problem by the way thank you for your answer.
from xray-core.
thats not a ws host, i check that by wire shark, its send host 3 times to server, 2 times fake host and one time in middle the true host
damn, this is cool
from xray-core.
Related Issues (20)
- 1.8.12 docker模式下kernelMode": false, wireguard出站错误 HOT 2
- Wireguard panic: runtime error: index out of range [-1] HOT 7
- Connecting to the server inbounds through multiple domains HOT 5
- Suggestion: flag to disable logging in a separate inbound/outbound. HOT 1
- 编译xray-core时出现错误:gvisortun/tun.go中 'pkt.IsNil undefined' 的问题 HOT 1
- stop xray core in wiregourd HOT 3
- Wireguard Inbound Panic when connecting via WiresockUI client HOT 2
- API: Stats of the user remains when the user got deleted through API HOT 10
- 获取ipv6地址失败后产生DNS泄露 HOT 4
- block specific users country HOT 2
- Bump up gvisor dependencies HOT 1
- Weird behaviour of reverse proxy HOT 4
- [Feature Request] Changing the order of ping checks when "enableConcurrency": false HOT 1
- maxTimeDiff for VMESS HOT 16
- [Feature Request] https h2 proxy HOT 16
- The filtering of the Reality protocol within an hour in version v1.8.13 in Iran by the Iranian firewall HOT 7
- Compatibility Issue with WireGuard for Streaming Services HOT 4
- Is now any available package for building IOS and Android client in Flutter or React Native HOT 1
- 2022 edition shadowsocks methods don't work for `clients` HOT 2
- 安卓手机xray模块无法正确dns到localhost HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from xray-core.