diff --git a/browser_login/login.py b/browser_login/login.py index 9f3478e..1519602 100644 --- a/browser_login/login.py +++ b/browser_login/login.py @@ -59,27 +59,32 @@ def patch_drission_ws_handshake() -> None: base_kwargs["http_proxy_host"] = None base_kwargs["http_proxy_port"] = None + # 提取目标端口,用于构造合法的 Host 头 + try: + port = address.split(":")[2].split("/")[0] + except IndexError: + port = "9222" + # Chrome 149 增强了 DevTools 的安全校验。 - # suppress_origin=True 意味着不发送 Origin 头。 - # 我们按照不同的组合暴力重试 + # Host header 必须是 IP 地址或 localhost,且必须包含端口号! candidate_kwargs = [ - # 策略1:最原始、最干净的连接方式(类似 curl) + # 策略1:最标准的 localhost 组合,带端口 + { + **base_kwargs, + "suppress_origin": False, + "header": [f"Host: 127.0.0.1:{port}", "Origin: http://127.0.0.1"] + }, + # 策略2:最原始、最干净的连接方式(类似 curl) { **base_kwargs, "suppress_origin": True, "header": [] }, - # 策略2:显式声明是本地请求 + # 策略3:伪装成 localhost 带端口 { **base_kwargs, "suppress_origin": False, - "header": ["Host: 127.0.0.1", "Origin: http://127.0.0.1"] - }, - # 策略3:伪装成 localhost - { - **base_kwargs, - "suppress_origin": False, - "header": ["Host: localhost", "Origin: http://localhost"] + "header": [f"Host: localhost:{port}", "Origin: http://localhost"] } ] @@ -91,8 +96,6 @@ def patch_drission_ws_handshake() -> None: return raw_ws_create_connection(target_url, **candidate) except WebSocketBadStatusException as ws_err: last_err = ws_err - if "Handshake status 404" not in str(ws_err) and "Handshake status 403" not in str(ws_err): - raise except Exception as other_err: last_err = other_err break