Probing Resistance¶
GOST provides probing resistance for the HTTP/HTTPS/HTTP2 proxies. When the proxy server receives an invalid request, it will return the corresponding response according to the probing resistance policy.
Note
The probing resistance feature is only valid when the proxy server has user authentication enabled.
probeResist
Option¶
The proxy server specifies the policy through the probeResist
option. The format of the parameter is: type:value
.
The optional values for type are:
-
code
- Corresponding value is HTTP response code. The proxy server will reply to client the specified status code. For example: -
web
- Corresponding value is HTTP URL. The proxy server will request this URL using HTTP GET method and return the response to the client. For example: -
host
- Corresponding value is host[:port]. The proxy server forwards the client request to the specified host and returns the host's response to the client. The proxy server is equivalent to the port forwarding service here. For example: -
file
- The corresponding value is the local file path. The proxy server will reply to the client 200 response code, and the content of the specified file is sent to the client as response Body. For example:
knock¶
After the probe resistance is enabled, the server will not respond the 407 Proxy Authentication
Required to the client by default when authentication fails. But in some cases the client needs the server to tell if it needs authentication (for example, the SwitchyOmega plugin in Chrome). Set a private host with the knock
parameter, the server will only send a 407
response when accessing this host.