底层传输如何配置http伪装才能兼容ssr混淆？

[6656i]

服务端版本v2ray 2.9，客户端时安卓端ssr。
不配置http伪装，不开ssr混淆，连接正常。
折腾了好几天了，求指点。
以下是服务端配置。

{
  "log": {
    "access": "/var/log/v2ray/access.log", 
    "error": "/var/log/v2ray/error.log", 
    "loglevel": "warning"
  }, 
  "inbound": {
    "port": 1234, 
    "tag": "ss-1234", 
    "protocol": "shadowsocks", 
    "settings": {
      "method": "aes-256-cfb", 
      "password": "ss#test.", 
      "udp": false, 
      "level": 1
    }
  }, 
  "inboundDetour": [
    {
      "port": 1235, 
      "tag": "ss-1235", 
      "protocol": "shadowsocks", 
      "settings": {
        "method": "aes-256-cfb", 
        "password": "ss#test.", 
        "udp": false, 
        "level": 1
      }, 
      "streamSettings": {
        "network": "tcp", 
        "security": "none", 
        "tcpSettings": {
          "header": {
            "type": "http", 
            "request": {
              "version": "1.1", 
              "method": "GET", 
              "path": [
                "/"
              ], 
              "headers": {
                "Host": [
                  "www.toutiao.com", 
                  "www.baidu.com"
                ], 
                "User-Agent": [
                  "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.87 Safari/537.36", 
                  "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
                ]
              }
            }, 
            "response": {
              "version": "1.1", 
              "status": "200", 
              "reason": "OK", 
              "headers": {
                "Content-Type": [
                  "text/html", 
                  "application/x-javascript"
                ], 
                "Transfer-Encoding": [
                  "chunked"
                ]
              }
            }
          }
        }
      }
    }
  ], 
  "outbound": {
    "protocol": "shadowsocks", 
    "tag": "ss-out", 
    "settings": {
      "servers": [
        {
          "address": "127.0.0.1", 
          "port": 1231, 
          "method": "aes-256-cfb", 
          "password": "ss#test.", 
          "ota": false
        }
      ]
    }
  }, 
  "outboundDetour": [
    {
      "protocol": "blackhole", 
      "settings": { }, 
      "tag": "blocked"
    }, 
    {
      "protocol": "freedom", 
      "tag": "direct", 
      "settings": { }
    }
  ], 
  "routing": {
    "strategy": "rules", 
    "settings": {
      "domainStrategy": "IPIfNonMatch", 
      "rules": [
        {
          "type": "field", 
          "domain": [
            "baidu.com", 
            "qq.com"
          ], 
          "outboundTag": "direct"
        }, 
        {
          "type": "chinaip", 
          "outboundTag": "direct"
        }, 
        {
          "type": "chinasites", 
          "outboundTag": "direct"
        }, 
        {
          "type": "field", 
          "ip": [
            "0.0.0.0/8", 
            "10.0.0.0/8", 
            "100.64.0.0/10", 
            "127.0.0.0/8", 
            "169.254.0.0/16", 
            "172.16.0.0/12", 
            "192.0.0.0/24", 
            "192.0.2.0/24", 
            "192.168.0.0/16", 
            "198.18.0.0/15", 
            "198.51.100.0/24", 
            "203.0.113.0/24", 
            "::1/128", 
            "fc00::/7", 
            "fe80::/10"
          ], 
          "outboundTag": "blocked"
        }
      ]
    }
  }, 
  "transport": {
    "tcpSettings": {
      "header": {
        "type": "http", 
        "request": {
          "version": "1.1", 
          "method": "GET", 
          "path": [
            "/"
          ], 
          "headers": {
            "Host": [
              "www.toutiao.com", 
              "www.baidu.com"
            ], 
            "User-Agent": [
              "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.87 Safari/537.36", 
              "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
            ]
          }
        }, 
        "response": {
          "version": "1.1", 
          "status": "200", 
          "reason": "OK", 
          "headers": {
            "Content-Type": [
              "text/html", 
              "application/x-javascript"
            ], 
            "Transfer-Encoding": [
              "chunked"
            ]
          }
        }
      }
    }, 
    "kcpSettings": {
      "uplinkCapacity": 10, 
      "downlinkCapacity": 10
    }
  }
}

[6656i]

补充ssr混淆参数是 www.toutiao.com,www.baidu.com
单独配置一个传入端口，或者同时配置全局传输，另外没有配置http伪装的端口都无法试用原版ss协议连接，当然ssr混淆也是连接失败的。

[6656i]

开网页提示找不到DNS，服务端日志则是地址无效。

[v2ray]

确认是 aes-256-cfb 中的 bug，下个版本会修。

暂时的解决方案是换用 aes-128-cfb 或 chacha20。

[v2ray]

仔细看了一下似乎不是 aes-256-cfb 的问题，需要继续研究一下。

[tshu-w]

@6656i 采用分连接配置，加密方式 chacha20 没有问题。
不过想知道 协议 协议参数 混淆方式 混淆参数 具体对应哪些项，该怎样设置

[v2ray]

发现 SSR 中有一些奇怪的设定导致无法兼容。文档已更新。

[dongxinb]

@Voleking
我采用了分连接配置，加密方式为chacha20，但是极其不稳定（刷新十次里面有一次可以刷新出来）。
你可以分享下你的config文件吗？