cyonjan/frp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

support non-preemptive authentication

Browse Source 
Non-preemptive authentication means that the Proxy-Authorization will not be actively sent when the tunnel is established, and this authentication will be brought after receiving the 407 response.

The server will now directly close the connection when the proxy verification fails, and the client will still send a request on this connection without knowing it, causing the client to report an error.
Therefore, you should explicitly return close when closing the connection.

In [rfc7230#Connection](https://tools.ietf.org/html/rfc7230#section-6.1)

> A server that does not support persistent connections MUST send the
   "close" connection option in every response message that does not
   have a 1xx (Informational) status code.

![img](https://i.loli.net/2020/06/15/WVdSQg8ZncKbzMH.png)
This commit is contained in:
fzhyzamt 2020-07-01 10:26:12 +08:00 committed by GitHub
parent b23548eeff
commit 062e04d856
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
models/plugin/client/http_proxy.go
View File

@ -231,6 +231,7 @@ func removeProxyHeaders(req *http.Request) {
func getBadResponse() *http.Response { func getBadResponse() *http.Response {
header := make(map[string][]string) header := make(map[string][]string)
header["Proxy-Authenticate"] = []string{"Basic"} header["Proxy-Authenticate"] = []string{"Basic"}
header["Connection"] = []string{"close"}
res := &http.Response{ res := &http.Response{
Status: "407 Not authorized", Status: "407 Not authorized",
StatusCode: 407, StatusCode: 407,