feat: H1 container keepalive + 431 oversized-headers#438
Merged
therealaleph merged 1 commit intotherealaleph:mainfrom Apr 28, 2026
Merged
Conversation
github-actions
Bot
added
the
type: feature
therealaleph
added a commit
that referenced
this pull request
Apr 28, 2026
…er errors Three substantive PRs from contributors landed for this release: - #443 by @euvel: optional spreadsheet-backed response cache in Code.gs. Implements all 5 review suggestions from the design discussion (#400): TTL-aware caching, 35 KB body-size gate, header rewriting on hit, circular buffer for O(1) writes, Vary-aware compound keys. - #439 by @dazzling-no-more: bypass Apps Script tunnel for known DoH endpoints on TCP/443. Cloudflare/Google/Quad9/AdGuard/NextDNS/OpenDNS/ CleanBrowsing/dns.sb/dns0.eu/AliDNS/doh.pub/Mullvad. Saves the ~2s UrlFetchApp roundtrip per name without losing privacy (DoH is already encrypted). Default on; users can opt out via tunnel_doh: true or extend the list via bypass_doh_hosts. - #438 by @dazzling-no-more: H1 container keepalive + 431 oversized- headers + clearer port-collision message. Cherry-picks from upstream Python (Apr 23-26 window). Keepalive prevents Apps Script V8 cold starts (visible as YouTube stalls after pause); 431 replaces silent socket drops on >64 KB headers (which caused browser retry loops).
Owner
|
Merged + included in v1.8.3 (just tagged). Builds clean, all 160 tests pass on main. Thanks for shipping this — exactly the kind of contribution that scales the project beyond what one maintainer can ship alone. v1.8.3 release page: https://github.com/therealaleph/MasterHttpRelayVPN-RUST/releases/tag/v1.8.3 Telegram channel announcement: https://t.me/mhrv_rs (will fire once release CI completes) Will tag you on the v1.9.0 xmux design issue when drafted (~1-2 weeks). [reply via Anthropic Claude | reviewed by @therealaleph] |
This was referenced Apr 28, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Cherry-picks of stability/hardening fixes from upstream Python
(masterking32/MasterHttpRelayVPN), Apr 23-26 window.
H1 container keepalive (upstream
5e7fff8) — Apps Script V8 containers go cold after ~5min idle and cost 1-3s to wake back up, most visible as YouTube player stalls after a quiet pause. Added a 240sHEAD http://example.com/ping via the relay. Bypasses the response cache and inflight coalescer (otherwise the second iteration would just hit the cached response and never reach Apps Script). Skipped ingoogle_onlymode. TheJoinHandleis captured so the shutdown arm ofselect!can abort it — without that, hitting Stop in the UI would leave the keepalive holding anArc<DomainFronter>on stale config (same class of bug as issue The Python version realizes what the reason of a Relay error is, but the Rust version does not (Windows). #99 hit for the accept loops).431 Request Header Fields Too Large (upstream
c2aaf37) — tightened the header-block cap from 1 MB to 64 KB to match upstream'sMAX_HEADER_BYTES. Both the plaintext HTTP frontend and the MITM HTTPS relay path now reply withHTTP/1.1 431and close, instead of just dropping the socket — browsers retry connection-reset silently and would loop on the same oversized request indefinitely.Port-collision config validation (upstream
e08d33e) — the same-port check already existed; only the error message was vague. Now mirrors upstream's clarity ("both set to 8080 on 127.0.0.1. Change one of them in config.json.").Skipped from the same window
5e7fff8) — N/A. Our port runs HTTP/1.1 only; noh2transport to debounce.scholar.google.com/chromewebstore.google.comto the SNI pool (upstream1e256d5) — already in ourDEFAULT_GOOGLE_SNI_POOL. Our 12-entry pool is a strict superset of upstream's current 3-entry pool.Test plan
cargo build --bin mhrv-rscleancargo build --bin mhrv-rs-ui --features uicleancargo test --lib— 154/154 passingcargo clippy --all-targets— warning count unchanged (41 → 41)