pluginengine01 / CHANGELOG-v6.1.md
krystv's picture
Upload CHANGELOG-v6.1.md
18b857d verified
|
Raw
History Blame Contribute Delete
2.21 kB
## v6.1 β€” Anti-Detection & Browser Impersonation Fix
### Critical Fix: Cloudflare/Bot Detection Bypass
The engine was being blocked by Cloudflare and other anti-bot systems because:
1. **User-Agent was `"BexEngine/6.0"`** β€” immediately flagged as bot
2. **Missing browser headers** β€” no `Sec-CH-UA`, `Sec-Fetch-*`, `Accept-Encoding`, etc.
3. **No HTTP/2** β€” real browsers always negotiate H2
4. **No cookie persistence** β€” CF challenges set cookies that must be sent on subsequent requests
5. **No compression** β€” browsers always send `Accept-Encoding: gzip, deflate, br`
### Changes (in `crates/bex-core/`):
**`config.rs`**: Default user_agent changed from `"BexEngine/6.0"` to a real Chrome 137 UA string. Timeouts increased from 15s to 30s (CF challenges can be slow).
**`http_service.rs`**: Complete rewrite of the HTTP layer:
- Real Chrome 137 default headers (Sec-CH-UA, Sec-Fetch-*, Accept-Encoding, etc.)
- HTTP/2 support enabled (Chrome always uses it)
- gzip/brotli/deflate decompression (browsers always send these)
- Cookie store (`cookie_store(true)`) for CF session persistence
- Auto-generates Referer from URL origin when not provided by plugin
- Plugin headers override defaults (so plugins can customize)
**`Cargo.toml`**: Added reqwest features: `gzip`, `brotli`, `deflate`, `cookies`, `http2`
### Testing Results:
| Site | Search | Episodes | Stream Resolution |
|------|--------|----------|-------------------|
| AnimeKai (anikai.to) | βœ… Works | βœ… Works | ⚠️ CF JS Challenge |
| enc-dec.app API | βœ… Works | N/A | N/A |
The stream resolution endpoint (`/ajax/links/view`) is behind a Cloudflare JS challenge that requires actual JavaScript execution. This needs the `bex-js` QuickJS engine to solve the CF challenge first. The `CloudflareKiller` approach from cloudstream uses a WebView for this.
### Remaining Work: CF Challenge Solver
For sites that use Cloudflare JS challenges on their API endpoints, we need:
1. A CF challenge solver using `bex-js` (QuickJS) that executes the challenge JS
2. Cookie persistence across the session so solved challenges don't need re-solving
3. The cookie store fix (already implemented) handles step 2 automatically