From 6d01d8b637a5a1ac9f29a33adcd4c7915272181a Mon Sep 17 00:00:00 2001 From: hjq <770690987@qq.com> Date: Tue, 23 Jun 2026 17:48:56 +0800 Subject: [PATCH] =?UTF-8?q?BOM=E5=8F=91=E6=96=99=E5=AF=B9=E6=AF=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- browser_login/login.py | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/browser_login/login.py b/browser_login/login.py index 9f3478e..1519602 100644 --- a/browser_login/login.py +++ b/browser_login/login.py @@ -59,27 +59,32 @@ def patch_drission_ws_handshake() -> None: base_kwargs["http_proxy_host"] = None base_kwargs["http_proxy_port"] = None + # 提取目标端口,用于构造合法的 Host 头 + try: + port = address.split(":")[2].split("/")[0] + except IndexError: + port = "9222" + # Chrome 149 增强了 DevTools 的安全校验。 - # suppress_origin=True 意味着不发送 Origin 头。 - # 我们按照不同的组合暴力重试 + # Host header 必须是 IP 地址或 localhost,且必须包含端口号! candidate_kwargs = [ - # 策略1:最原始、最干净的连接方式(类似 curl) + # 策略1:最标准的 localhost 组合,带端口 + { + **base_kwargs, + "suppress_origin": False, + "header": [f"Host: 127.0.0.1:{port}", "Origin: http://127.0.0.1"] + }, + # 策略2:最原始、最干净的连接方式(类似 curl) { **base_kwargs, "suppress_origin": True, "header": [] }, - # 策略2:显式声明是本地请求 + # 策略3:伪装成 localhost 带端口 { **base_kwargs, "suppress_origin": False, - "header": ["Host: 127.0.0.1", "Origin: http://127.0.0.1"] - }, - # 策略3:伪装成 localhost - { - **base_kwargs, - "suppress_origin": False, - "header": ["Host: localhost", "Origin: http://localhost"] + "header": [f"Host: localhost:{port}", "Origin: http://localhost"] } ] @@ -91,8 +96,6 @@ def patch_drission_ws_handshake() -> None: return raw_ws_create_connection(target_url, **candidate) except WebSocketBadStatusException as ws_err: last_err = ws_err - if "Handshake status 404" not in str(ws_err) and "Handshake status 403" not in str(ws_err): - raise except Exception as other_err: last_err = other_err break