anjuncc / gogo-tester

Automatically exported from code.google.com/p/gogo-tester
0 stars 0 forks source link

Custom HTTP request header field should be supported #119

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
GFW now can censor Internet connections based on keyword patterns in the Host 
field of the HTTP request header, so that even if an IP is accessible overHTTP 
it still can be blocked if the request header contains blacklisted keywords.

For example, 192.0.82.250 is one IP address for http://en.wordpress.com/, which 
has long been censored by GFW. Ping this IP over HTTP w/o Host name specified 
gives success results, but only returns failure w Host name specified, as shown 
in the attached screenshot.

This hack is formerly restrained to explicit HTTP, but recent observations have 
found filtering of encrypted HTTPS CONNECT attempts with Host names specified 
in headers. This is found with a dozen Google server IPs in the Asia-Pacific 
region, and even more with s3.amazonaws.com IPs. HTTPS CONNECT to the IPs w/o 
Host name is all right, but goes into blackhole w Host name provided.

Gogo-tester should include a custom request header for the user to test if 
connection to the IP address over ports 80 and 443 with the customized host 
name specified is successful, or this tool would soon be senseless since host 
name based censoring is easy to deploy.

Original issue reported on code.google.com by neilbr...@outlook.com on 9 Nov 2014 at 10:02

Attachments: