1

Assume you have X being a webserver accepting http requests. I have a problem where X has WAF preventing access from proxied HTTP Requests through Node.js as it gets detected by the WAF, however in Chrome there are no issues when using this HTTP Proxy.

The WAF does not require you to complete a JS challenge, I have matched as much as possible. - Header Order (Tested through Charles Proxy) - Different HTTP Clients (I’ve tried Axios with a https-proxy-agent as well as request with tunnel: true)

The only thing that could be an issue here is TLS Ciphers (Which are sent, as well as, the order they are sent in).

I am almost certain it has nothing to do with the Cipher Suite, as I was able to pass their WAF without a proxy through Node.js.

What else am I potentially missing?

  • Identical http headers from your node.js client request when compared to same request from Chrome? – jfriend00 Mar 29 '19 at 00:11
  • @jfriend00 Yeah, I ensured headers themselves matched. I made sure through Wireshark too. –  Mar 29 '19 at 01:20
  • Did you get any solution for this? I am also facing the same issue. Request from chrome is successful, while the same request from node js server fails. – Stanly Aug 03 '19 at 20:10

0 Answers0