Open XOR-op opened 11 months ago
https://github.com/wwhtrbbtt/TrackMe/blob/d9579a805ef6d3ef1825d4ff9529b15ae09a6c54/ja4.go#L82-L85 is under an unsound assumption that every TLS clienthello will include a padding extension. I don't see any standard that requires padding extension as a mandatory component. In fact, some implementations, e.g. curl on my machine, do NOT have padding in the extensions.
https://github.com/wwhtrbbtt/TrackMe/blob/d9579a805ef6d3ef1825d4ff9529b15ae09a6c54/ja4.go#L82-L85 is under an unsound assumption that every TLS clienthello will include a padding extension. I don't see any standard that requires padding extension as a mandatory component. In fact, some implementations, e.g. curl on my machine, do NOT have padding in the extensions.