
Pitfalls encountered with an HTTP2.0 reverse proxy

2025-01-20 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/02 Report--

When HTTPS is proxied by pointing the domain name at an nginx service, nginx can obtain the requested domain name by parsing the server_name field in the ClientHello, and then act as a proxy by resolving that domain name's address.

There are several problems here. The first is old versions of the IE browser, which use an old TLS version. Without this field the domain name cannot be obtained, but fewer and fewer people use old versions of IE, so this can be ignored.

The second is some Apple system applications: the domain name they fill in is not a real domain name, but it follows a recognizable pattern, so the string can be changed to the real domain name in order to proxy it.

When testing JD.com recently, I found that when visiting JD.com's second-level domain names, an exception page (200, 301) would occasionally be returned.

If you open a new browser and open the second-level page directly, there is no such problem.

I happened to find that if the browser's proxy settings are used instead of proxying directly by domain name, everything is accessed normally, which is very strange.

A comparison showed that HTTP2.0 is used when proxying by domain name, and HTTP1.1 is used when the browser proxy is set. So HTTP2.0 was disabled in the browser (in Firefox, set network.http.spdy.enabled.http2 to false in about:config; no way to set it was found for the gg browser), and access to JD.com was then completely normal.

When making a request, the client states which HTTP versions it supports.

So I thought of tampering with this field while proxying, turning off HTTP2.0 and offering only HTTP1.1, but the connection would be interrupted.

https://blog.csdn.net/mrpre/article/details/77868570

According to this page, although the hello is plaintext, it is also verified, so tampering is not feasible.

Capturing packets further, I found that when visiting the second-level page, the browser sends out dozens of requests (to different domain names), but there is only one connection. Does HTTP2.0 reuse one connection for requests to different domain names on the same IP? That would be what caused the problem.

Below is an attempt to access the IP address of www.jd.com using the URL of jiadian.jd.com.

We found that the result happened to be the same as the error in the browser, with a cdn_nohost.

It is almost certain that HTTP2.0 reuses connections when multiple domain names resolve to the same IP. In this case a simple HTTPS proxy no longer works, and the only way to handle it is to give each domain name its own IP.
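The reuse condition described above can be checked ahead of time for the hostnames that sit behind such a proxy. The following Python code is an added example, not code from the original article; it assumes the reuse rule from RFC 7540 section 9.1.1 (the new host resolves to the connection's IP and the served certificate is valid for it), and the function names, IP addresses and certificate name lists are constructed for illustration.

```python
# Added example: flag hostnames a browser may coalesce onto one HTTP/2 connection.
# Assumed rule (RFC 7540 section 9.1.1): a connection may be reused for another
# host if that host resolves to the same IP and the served certificate covers it.

def san_matches(pattern: str, host: str) -> bool:
    """Match a certificate name against a hostname; '*' covers one leftmost label."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == host
    head, _, tail = host.partition(".")
    # Require a dot in the remainder so a pattern like '*.com' never matches.
    return bool(head) and tail == pattern[2:] and "." in tail

def coalescing_risks(hosts: dict) -> list:
    """Return (first_host, later_host) pairs where requests for later_host can
    ride on the connection opened for first_host, so a proxy that routes only
    on the ClientHello server_name would send them to first_host's backend."""
    risks = []
    for first, info_first in hosts.items():
        for later, info_later in hosts.items():
            if first == later:
                continue
            shared_ip = set(info_first["ips"]) & set(info_later["ips"])
            covered = any(san_matches(s, later) for s in info_first["sans"])
            if shared_ip and covered:
                risks.append((first, later))
    return sorted(risks)

# Constructed sample: the two hostnames from the article plus a hypothetical one.
# IPs are from the documentation range and the certificate name lists are made up;
# every name points at the same proxy IP, as in the article's setup.
SAMPLE = {
    "www.jd.com":         {"ips": ["192.0.2.10"], "sans": ["*.jd.com", "jd.com"]},
    "jiadian.jd.com":     {"ips": ["192.0.2.10"], "sans": ["*.jd.com", "jd.com"]},
    "static.example.net": {"ips": ["192.0.2.10"], "sans": ["static.example.net"]},
}

if __name__ == "__main__":
    for first, later in coalescing_risks(SAMPLE):
        print(f"{later} may reuse the HTTP/2 connection opened for {first}")
```

Pairs reported by this check are the ones that need separate IPs, matching the article's conclusion.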
