aheh/MasterHttpRelayVPN-RUST
1
0
Fork 0
mirror of https://github.com/therealaleph/MasterHttpRelayVPN-RUST.git synced 2026-05-18 07:34:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

chore: v1.9.2 — Apps Script + Cloudflare Worker alternative backend

Browse Source 
Pure docs + GAS/Worker addition shipped via PR #533 (#380 / #393 audit
task). No Rust client changes. Bumping to v1.9.2 so users get the new
deploy assets in the next release tarball + Telegram channel binaries
include the updated docs.
This commit is contained in:
therealaleph
2026-04-30 17:02:28 +03:00
parent 1f7a1b33c5
commit 8d0004c5f0
3 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Cargo.lock
Generated
+1 -1
View File
@@ -2222,7 +2222,7 @@ dependencies = [
[[package]] [[package]]
name = "mhrv-rs" name = "mhrv-rs"
version = "1.9.1" version = "1.9.2"
dependencies = [ dependencies = [
"base64 0.22.1", "base64 0.22.1",
"bytes", "bytes",
Cargo.toml
+1 -1
View File
@@ -1,6 +1,6 @@
[package] [package]
name = "mhrv-rs" name = "mhrv-rs"
version = "1.9.1" version = "1.9.2"
edition = "2021" edition = "2021"
description = "Rust port of MasterHttpRelayVPN -- DPI bypass via Google Apps Script relay with domain fronting" description = "Rust port of MasterHttpRelayVPN -- DPI bypass via Google Apps Script relay with domain fronting"
license = "MIT" license = "MIT"
docs/changelog/v1.9.2.md
+4
View File
@@ -0,0 +1,4 @@
<!-- see docs/changelog/v1.1.0.md for the file format: Persian, then `---`, then English. -->
• backend جایگزین Apps Script + Cloudflare Worker (PR [#533](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/pull/533) از @dazzling-no-more): deploy `Code.cfw.gs` (variant جدید GAS در `assets/apps_script/`) + `worker.js` (Cloudflare Worker در `assets/cloudflare/`)، Apps Script یک layer thin auth+forward می‌شه که outbound fetch رو به CF edge می‌ده. mhrv-rs خود **بدون تغییر** — همان envelope JSON روی wire، همان `mode: "apps_script"`، `script_id`، `auth_key`. تنها تفاوت چیزی هست که Apps Script deployed بعد از authentication انجام می‌ده. این task audit در roadmap [#380](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/issues/380) / [#393](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/issues/393) رو close می‌کنه. **چرا** کاربران Persian گزارش دادن GAS+CFW combination از pure GAS برای browsing + chat-style سریع‌تر حس می‌شه. **سختگیر شده over upstream [denuitt1/mhr-cfw](https://github.com/denuitt1/mhr-cfw)**: per-request AUTH_KEY check (upstream omit می‌کرد → relay open اگر URL leak شد)، fail-closed اگر AUTH_KEY هنوز placeholder باشه، loop guard `x-relay-hop` + self-host fetch block، body drop on GET/HEAD برای match با Code.gs/UrlFetchApp permissiveness، SKIP_HEADERS parity، batch handler با `Promise.all` + soft cap `MAX_BATCH_SIZE = 40`. **محدودیت‌های صادقانه** (در docs explicit): با `mode: "full"` ناسازگار است (فقط HTTP-relay path port شده، نه raw-TCP/UDP tunnel ops). YouTube long-form بدتر می‌شه (30s CF Worker wall vs Apps Script ~6min — SABR cliff زودتر می‌رسه). Cloudflare anti-bot اثر معکوس داره (Worker IP اغلب stricter از Google IP). Day-one quota relief نیست (path batch ready ولی از client شیپ شده single-shape unreachable). **docs کامل** انگلیسی + فارسی در `assets/cloudflare/README.md` + `README.fa.md` شامل setup، model security سه AUTH_KEY match، trade-off table، Full mode incompatibility.
---
• Apps Script + Cloudflare Worker alternative backend (PR [#533](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/pull/533) by @dazzling-no-more): deploy `Code.cfw.gs` (new GAS variant in `assets/apps_script/`) plus `worker.js` (Cloudflare Worker in `assets/cloudflare/`), and Apps Script becomes a thin auth+forward layer that pushes the outbound fetch to CF's edge. mhrv-rs itself is **unchanged** — same JSON envelope on the wire, same `mode: "apps_script"`, `script_id`, `auth_key`. The only difference is what the deployed Apps Script does after it authenticates. Closes the audit task on the v1.9.x roadmap ([#380](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/issues/380), [#393](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/issues/393)). **Why**: recurring Persian-community feedback reports that GAS+CFW combination feels noticeably faster than plain GAS for browsing and chat-style workloads. **Hardened over upstream [denuitt1/mhr-cfw](https://github.com/denuitt1/mhr-cfw)**: per-request `AUTH_KEY` check (upstream omitted → open relay if URL leaks), fail-closed if `AUTH_KEY` still equals the placeholder, `x-relay-hop` loop guard + self-host fetch block, drops body on GET/HEAD to match `Code.gs`/UrlFetchApp permissiveness, SKIP_HEADERS parity, batch handler with `Promise.all` + soft cap `MAX_BATCH_SIZE = 40`. **Honest limitations called out in docs**: not compatible with `mode: "full"` (only HTTP-relay path ported; raw-TCP / UDP tunnel ops needed for messengers under Android full-mode aren't). YouTube long-form gets worse (30 s CF Worker wall vs Apps Script's ~6 min — SABR cliff arrives sooner). Cloudflare anti-bot is unaffected — exit IP becomes a Workers IP, which CF's anti-bot fingerprints as worker-internal (often stricter than a Google IP). No day-one `UrlFetchApp` daily-count relief; the batch-aware GAS+Worker path is wired and ready (`ceil(N / 40)` per N-URL batch) but unreachable from any shipping client today (mhrv-rs's HTTP-relay path is single-shape only). **Full docs** in English + Persian at `assets/cloudflare/README.md` + `README.fa.md` covering setup, the three-matching-`AUTH_KEY`s security model, trade-off table, full-mode incompatibility section. README updated with alternative-backend callout in both languages.