fix(proxy): authenticate HTTP/HTTPS proxies via wwjs proxyAuthentication (#628)#632
Merged
Conversation
…ion (#628) Credentials were passed inside --proxy-server, which Chromium ignores, so a proxy with a username/password never authenticated — only IP-authorized proxies worked. - Split the proxy URL into a credential-less --proxy-server value plus the username/password, handed to whatsapp-web.js's proxyAuthentication option (which drives Chromium's page.authenticate) for HTTP/HTTPS proxies. - SOCKS proxies with credentials now log a clear warning — Chromium cannot authenticate SOCKS proxies at all — instead of failing with an opaque Page.navigate timeout. - Also removes the cosmetic double-scheme ("socks5://socks5://") in the proxy log.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes #628. On the whatsapp-web.js engine, a per-session proxy with a username/password never authenticated — only IP-authorized proxies worked.
Root cause
The adapter passed the whole proxy URL, credentials included, to Chromium via
--proxy-server=<scheme>://user:pass@host:port. Chromium ignores credentials embedded in--proxy-server, and for SOCKS proxies it cannot authenticate at all. So an IP-authorized proxy (no credentials) worked, while a username/password proxy failed with an opaquePage.navigate timed out.Changes
--proxy-servervalue plus the username/password. The credentials are handed to whatsapp-web.js's built-inproxyAuthenticationoption, which drives Chromium'spage.authenticate— the supported way to authenticate an HTTP/HTTPS proxy. Authenticated HTTP/HTTPS proxies now work.socks5://socks5://…) in the proxy log; it now logs the actual credential-less server.Notes
The credential parsing/splitting is extracted into a pure, unit-tested
buildProxyLaunchConfig()helper (strips credentials from the server arg, URL-decodes them, and flags SOCKS-with-credentials) so the logic is covered without standing up a Chromium/Client mock.Verification
buildProxyLaunchConfig(HTTP creds →proxyAuthentication, URL-decoding, SOCKS-creds → flagged + no auth, credential-less untouched).