search

Barre / privaxy

Privaxy is the next generation tracker and advertisement blocker. It blocks ads and trackers by MITMing HTTP(s) traffic.
GNU Affero General Public License v3.0
2.29k stars 96 forks source link

Cloudflare responds with 400 Bad Request #62

Closed OVERTHINKINGAGAIN closed 1 year ago

OVERTHINKINGAGAIN commented 1 year ago

Hello,

Thank you very much for sharing your excellent work.

Cloudflare responds to Websocket connections with a 400 (Bad Request) status code.

Example: https://agar.io

This doesn't happen when connecting to non-Cloudflare-protected Websocket services.

Do you know why this is happening? I have noticed this with other proxy implementations as well and was hoping Privaxy would be different.

I am looking forward to your response.

Thanks in advance.

Barre commented 1 year ago

Hello,

Trying to upgrade to a websocket session on the service you specified without Privaxy:

curl -v --noproxy '*'  'https://live-arena-fsdzun.agar.io/' \
  -H 'Pragma: no-cache' \
  -H 'Origin: https://agar.io' \
  -H 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \
  -H 'Sec-WebSocket-Key: *****' \
  -H 'Upgrade: websocket' \
  -H 'Cache-Control: no-cache' \
  -H 'Connection: Upgrade' \
  -H 'Sec-WebSocket-Version: 13' \
  -H 'Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits'

Fails in the same way:

< HTTP/2 400

I'll close for now as this issue doesn't looks like it's related to Privaxy. Feel free to reopen if you can reproduce with an other service.

gitze commented 1 year ago

I have the same experience with other websites managed by Cloudflare. I can't open the pages as long as the proxy is enabled. For example: https://www.cloudflare.com/ https://community.cloudflare.com https://chat.openai.com

The request for "Checking if the site connection is secure" is never completed.