Comments (7)
thats not a ws host, i check that by wire shark, its send host 3 times to server, 2 times fake host and one time in middle the true host
from xray-core.
Multiple host headers?
If it could pass through, it might be a bug.
I need to talk this with cloudflare engineer
from xray-core.
The host in WS request can already be set (see doc)
By the way, I didn't understand what you were saying. It's known that IFW will block HTTP connections to cloudflare, so what's the use of setting up a host
from xray-core.
"headers": {
"Host": "",
"Host": "",
"Host": "",
"Host": ""
}
from xray-core.
There are many bugs like this in iranian DPI, across ISPs. Some of them do not require any specific behavior from cloudflare and are compatible with more CDNs. They are all trivial to patch by the censor, and so it should not be widely promoted.
I know this was an argument against fragment as well, but this new method used in Mahsa is much easier to patch, it does not require additional resources such as a TCP reassembly buffer.
If somebody opens a PR for this anyway (despite the issue being closed), I would urge you to implement a more generic feature, like injecting arbitrary bytes between GET / ..
and the first HTTP header, instead of implementing a specific feature that documents the exact bypass really well and helps censors.
PS: Also, general support for "multiple host headers" isn't sufficient to implement this particular bypass.
from xray-core.
There are many bugs like this in iranian DPI, across ISPs. Some of them do not require any specific behavior from cloudflare and are compatible with more CDNs. They are all trivial to patch by the censor, and so it should not be widely promoted.
I know this was an argument against fragment as well, but this new method used in Mahsa is much easier to patch, it does not require additional resources such as a TCP reassembly buffer.
If somebody opens a PR for this anyway (despite the issue being closed), I would urge you to implement a more generic feature, like injecting arbitrary bytes between
GET / ..
and the first HTTP header, instead of implementing a specific feature that documents the exact bypass really well and helps censors.PS: Also, general support for "multiple host headers" isn't sufficient to implement this particular bypass.
i'm not an expert, i'm an end user and as you say multiple host didnt solve my problem by the way thank you for your answer.
from xray-core.
thats not a ws host, i check that by wire shark, its send host 3 times to server, 2 times fake host and one time in middle the true host
damn, this is cool
from xray-core.
Related Issues (20)
- Help with fallbacks HOT 1
- NTP client service HOT 1
- different DNS server for Node Address Domain HOT 1
- 关于文档中对sniffing和Tor的描述问题 HOT 12
- Quic sniffer 再次失效 HOT 2
- quic sniffer 失效 HOT 10
- iperf3: error - control socket has closed unexpectedly - when testing with xray HOT 17
- Invert Routing Rules HOT 9
- 发错地方了 HOT 1
- httpupgrade not working HOT 3
- ERR_SSL_Protocol_error in 1.8.11 with Vless-tls HOT 15
- MUX not working (unexpected EOF) HOT 1
- can't open video HOT 2
- 在最新版本V1.8.11内使用wireguard出口导致xray崩溃 HOT 1
- 1.8.12 docker模式下kernelMode": false, wireguard出站错误 HOT 2
- Wireguard panic: runtime error: index out of range [-1] HOT 7
- Connecting to the server inbounds through multiple domains HOT 5
- Suggestion: flag to disable logging in a separate inbound/outbound. HOT 1
- 编译xray-core时出现错误:gvisortun/tun.go中 'pkt.IsNil undefined' 的问题 HOT 1
- stop xray core in wiregourd HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from xray-core.