From 2fff535bcd20ecfff7f4bb39a9690405d13bb5fc Mon Sep 17 00:00:00 2001 From: win Date: Sun, 22 Mar 2026 01:01:38 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20Node.js=20TLS=20=E4=BB=A3=E7=90=86?= =?UTF-8?q?=E5=AF=B9=E6=89=80=E6=9C=89=20HTTPS=20=E4=B8=8A=E6=B8=B8?= =?UTF-8?q?=E8=AF=B7=E6=B1=82=E7=94=9F=E6=95=88?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Do() 方法新增 Node.js 代理检查,不再依赖账号级 TLS 指纹开关。 当 node_tls_proxy.enabled=true 时,所有 HTTPS 上游请求统一走 Node.js 代理,确保 JA3/JA4 指纹一致。 --- backend/internal/repository/http_upstream.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/backend/internal/repository/http_upstream.go b/backend/internal/repository/http_upstream.go index b82ee65b..5b882f92 100644 --- a/backend/internal/repository/http_upstream.go +++ b/backend/internal/repository/http_upstream.go @@ -124,6 +124,11 @@ func NewHTTPUpstream(cfg *config.Config) service.HTTPUpstream { // - 调用方必须关闭 resp.Body,否则会导致 inFlight 计数泄漏 // - inFlight > 0 的客户端不会被淘汰,确保活跃请求不被中断 func (s *httpUpstreamService) Do(req *http.Request, proxyURL string, accountID int64, accountConcurrency int) (*http.Response, error) { + // 优先使用 Node.js TLS 代理模式(全局生效,不依赖账号级 TLS 指纹开关) + if s.isNodeTLSProxyEnabled() && req != nil && req.URL != nil && req.URL.Scheme == "https" { + return s.doViaNodeTLSProxy(req, accountID, accountConcurrency) + } + if err := s.validateRequestHost(req); err != nil { return nil, err }