search

localtunnel / localtunnel

expose yourself
https://localtunnel.me
MIT License
19.24k stars 1.34k forks source link

bypass-tunnel-reminder Http Header not working #663

Open blueskysd opened 4 months ago

blueskysd commented 4 months ago

I'm trying to use localtunnel to test PDF generation using an API based service. I've added the bypass-tunnel-reminder HTTP header to the request coming from the PDF Service to my url, and I've verified it's there, but I'm still getting the Tunnel Website Ahead! page instead of my local page.

Parking-Master commented 4 months ago

You cannot send the header to the browser request when visiting your tunnel. The friendly reminder page can only be hidden by the user requesting the page, not the server. So, when sending a request to your tunnel's URL, make sure you set "Bypass-Tunnel-Reminder" to any value when requesting the page.

TheBoroer commented 4 months ago

Hey @blueskysd @Parking-Master is correct. Could you please explain the setup some more? Is the api based service running in the cloud? if yes, what's the setup look like and how is the request being made.

Setting the Bypass-Tunnel-Reminder header with any non-falsey value should work. The tunnel reminder page only shows up to standard browser User-Agent header values. If you're seeing that page, it makes me think your api based service might actually be making requests to your localtunnel url using a web browser (like phantom or selenium) or is making reqs using a standard browser user-agent.

blueskysd commented 4 months ago

Thanks @Parking-Master and @TheBoroer The api service is using a web browser in some fashion, yes. Yes, it's running "in the cloud." It loads the web page and then creates a PDF from it. I can investigate what the actual user-agent is when it comes through. I am able to add the bypass-tunnel-reminder header to the request, so if it's using a web browser it should work, but it's not.

TheBoroer commented 4 months ago

Thanks for the details @blueskysd I'll ask you to verify your setup actually works as intended. The header might not get set before the page request gets fired. Maybe make a test request from your cloud browser to something like https://requestinspector.com so you can see the full request that would be hitting your localtunnel url and see if you're setting the header value correctly.

The bypass-tunnel-reminder header is definitely working (even with the real browser user-agent). Here's how I tested it:

  1. use chrome or any browser you like (on your local computer) and go to https://test.loca.lt
  2. open up the web dev console
  3. paste this in and hit enter to run it: 
    await fetch('https://test.loca.lt', {
method: 'GET',
headers: {
    'Bypass-Tunnel-Reminder': 'yup',
},
})
  4. that fires off a request using your actual browser user agent and the bypass header. If you see a 404 http status for the request, it bypassed the reminder page (404 means there's most likely no tunnel active).

now if you run that snippet in your browser without the bypass header, like so:

await fetch('https://test.loca.lt', {
   method: 'GET',
})

You'll see a 511 error (meaning you're hitting the tunnel reminder page.