Seems Proxydomo has some probs with pages protected by Cloudflare. When such a page is loaded, Cloudflare redirects to a security page, which then sets a security cookie, afterwards pages on that host can be accessed directly for a limited time. If I bypass Proxydomo it's working fine, but with Proxydomo the cookie gets never set, so I'm caught in an eternal loop, any request gets redirected to the security page. Here's an example:
https://authorzilla.com/assets/js/main.js
If Proxydomo is bypassed, the request looks like this (FF 67.0a1, but problem occurs in IE 11 too):
Request by browser:
Host: authorzilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:67.0) Gecko/20100101 Firefox/67.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-GB,en-US;q=0.8,en;q=0.6,de-DE;q=0.4,ru;q=0.2
Accept-Encoding: gzip, deflate, br
Referer: https://authorzilla.com/assets/js/main.js
DNT: 1
Connection: keep-alive
Cookie: __cfduid=d82473a0b1dbbc4a0541ed36a4e62307f1556511089
Upgrade-Insecure-Requests: 1
TE: Trailers
Reply by server:
HTTP/2.0 302 Found
date: Mon, 29 Apr 2019 04:11:39 GMT
content-type: text/html
content-length: 159
set-cookie: cf_clearance=3a73ca5060b15fad09d5cc8d7049838745a23166-1556511099-1800-150; path=/; expires=Mon, 29-Apr-19 05:41:39 GMT; domain=.authorzilla.com; HttpOnly
location: /assets/js/main.js
server: cloudflare
cf-ray: 4cee6ee34ef0235a-FRA
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
But if I use Proxydomo, it sends the following message to the browser (notice that the set-cookie header is missing) :
HTTP/1.0 200 Connection established
date: Mon, 29 Apr 2019 04:11:35 GMT
content-type: text/html
content-length: 159
location: /assets/js/main.js
server: cloudflare
cf-ray: 4cee6ec97c53235a-FRA
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
Maybe WolfSSL is outdated? I'm using Proxydomo 1.107 (WolfSSL 3.15.3)
Also, my FF list the following junk message for every page I access thru Proxydomo, it's annoying:
server does not support RFC 5746, see CVE-2009-3555
I checked WolfSSL website, they fixed this problem, it seems. Guess recompiling Proxydomo with the newest WolfSSL would fix this problem.
Seems Proxydomo has some probs with pages protected by Cloudflare. When such a page is loaded, Cloudflare redirects to a security page, which then sets a security cookie, afterwards pages on that host can be accessed directly for a limited time. If I bypass Proxydomo it's working fine, but with Proxydomo the cookie gets never set, so I'm caught in an eternal loop, any request gets redirected to the security page. Here's an example:
https://authorzilla.com/assets/js/main.js
If Proxydomo is bypassed, the request looks like this (FF 67.0a1, but problem occurs in IE 11 too):
Request by browser:
Host: authorzilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:67.0) Gecko/20100101 Firefox/67.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-GB,en-US;q=0.8,en;q=0.6,de-DE;q=0.4,ru;q=0.2
Accept-Encoding: gzip, deflate, br
Referer: https://authorzilla.com/assets/js/main.js
DNT: 1
Connection: keep-alive
Cookie: __cfduid=d82473a0b1dbbc4a0541ed36a4e62307f1556511089
Upgrade-Insecure-Requests: 1
TE: Trailers
Reply by server:
HTTP/2.0 302 Found
date: Mon, 29 Apr 2019 04:11:39 GMT
content-type: text/html
content-length: 159
set-cookie: cf_clearance=3a73ca5060b15fad09d5cc8d7049838745a23166-1556511099-1800-150; path=/; expires=Mon, 29-Apr-19 05:41:39 GMT; domain=.authorzilla.com; HttpOnly
location: /assets/js/main.js
server: cloudflare
cf-ray: 4cee6ee34ef0235a-FRA
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
But if I use Proxydomo, it sends the following message to the browser (notice that the set-cookie header is missing) :
HTTP/1.0 200 Connection established
date: Mon, 29 Apr 2019 04:11:35 GMT
content-type: text/html
content-length: 159
location: /assets/js/main.js
server: cloudflare
cf-ray: 4cee6ec97c53235a-FRA
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
Maybe WolfSSL is outdated? I'm using Proxydomo 1.107 (WolfSSL 3.15.3)
Also, my FF list the following junk message for every page I access thru Proxydomo, it's annoying:
server does not support RFC 5746, see CVE-2009-3555
I checked WolfSSL website, they fixed this problem, it seems. Guess recompiling Proxydomo with the newest WolfSSL would fix this problem.