Update worker name to zibeishiyong#1171
Closed
junexx4437492 wants to merge 359 commits into
Closed
Conversation
fix: 优化批量替换域名函数,随机化主机选择以提高多样性
fix: 修正批量替换域名函数中的随机主机选择逻辑
fix: 优化请求优选API函数,增强返回值处理和订阅内容预处理逻辑
fix: 增强Base64验证函数,添加类型检查和解码测试
fix: 优化反代请求头处理,增强响应内容类型检查
防止普通变量被误认为是KV命名空间,提高配置容错性
fix: 修改订阅请求参数判断逻辑,优化对b64和base64的处理
Beta2.1 byob
…ection chain The client IP detection fallback chain contained duplicate entries: - X-Real-IP appeared twice (positions 1 and 8) - X-Forwarded-For appeared twice (positions 3 and 7) Removed duplicates and reordered to prefer Cloudflare-injected headers (CF-Connecting-IP, True-Client-IP) which are more trustworthy than user-controllable headers.
The auth cookie was set with only HttpOnly, missing two important security attributes: - Secure: without this flag the browser may send the cookie over plain HTTP, exposing the session token to network eavesdroppers. Cloudflare Workers always run behind HTTPS so this flag is safe to add unconditionally. - SameSite=Strict: prevents the cookie from being sent in cross-site requests, mitigating CSRF attacks against the /admin panel.
RFC 1035 §4.1.1 requires that the ID field in a DNS message header be a random 16-bit value so that responses can be matched to their corresponding queries. The previous hardcoded value of 0 works for simple sequential requests but is technically incorrect and could cause response-matching failures under concurrent DoH lookups. Replace with crypto.getRandomValues() which is available in the Cloudflare Workers runtime.
fix: remove duplicate headers and reorder by trustworthiness in IP detection chain
fix: add Secure and SameSite=Strict flags to auth cookie
fix: use random DNS query ID per RFC 1035 §4.1.1
feat: 更新版本号并优化TLS 1.3解密和加密逻辑,修复数据处理流程
更正 README.md 中ClashMetaForAndroid项目地址
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Beta2.1 byob
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.