websocket: bad handshake: 0.peerjs.com Cloudflare blocks our Go client?

[WofWca]

Reproduction

1. Clone the repo

2. comment out these lines to use default options (0.peerjs.com server)

   peerjs-go/_examples/simple/main.go

   Lines 23 to 26 in 2a93c7a

   	opts.Path = "/myapp"
   	opts.Host = "127.0.0.1"
   	opts.Port = 9000
   	opts.Secure = false

3. go run _examples/simple/main.go

Result: error websocket: bad handshake

Cause

I did some debugging. Looks like the server doesn't return the desired 101 code. The error happens here https://github.com/gorilla/websocket/blob/e5f1a0aad0accdff7dc9131fdcce912e28d8f4d5/client.go#L402-L413

And the code is 403, and the body is

<title>Attention Required! | Cloudflare</title>
...
<h2 data-translate="blocked_why_headline">Why have I been blocked?</h2>
<p data-translate="blocked_why_detail">This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.</p>
...

The same output is obtained when I curl -v 0.peerjs.com.
However, the connection succeeds when I do this through a browser console new WebSocket('wss://0.peerjs.com:443/peerjs?key=peerjs&id=peer1&token=mputcCwLPjX')

---

So, what can be done here? What does it mean for us? Do we have to imitate a browser fingerprint? Is it something that the PeerJS server maintainer can do something about?

---

This is not a duplicate of #16, because there a local server is used

[WofWca]

I started a discussion https://github.com/orgs/peers/discussions/1259

[WofWca]

So, the author lowered the security level for us, and suggested maybe adding API keys for non-browser clients.
The issue might re-appear in the future, but for now I guess there is not much to do 🤷‍♀️