http3 WebProxy
Go to file
2025-04-26 18:26:21 +00:00
.gitignore init commit 2025-04-26 14:24:23 -04:00
docker-compose.yml init commit 2025-04-26 14:24:23 -04:00
Dockerfile init commit 2025-04-26 14:24:23 -04:00
generate-certs.sh init commit 2025-04-26 14:24:23 -04:00
go.mod init commit 2025-04-26 14:24:23 -04:00
go.sum init commit 2025-04-26 14:24:23 -04:00
main.go init commit 2025-04-26 14:24:23 -04:00
README.md Update README.md 2025-04-26 18:26:21 +00:00

🚀 FuckHTTP3

A high-performance HTTP/3 proxy implementation in Go using the QUIC protocol, designed to break through limitations with style.

Speed. Security. Simplicity.

Features

  • Ultra-Fast Performance - Built on HTTP/3 with QUIC protocol for blazing speed
  • Dual Proxy Modes - Operate in forward or reverse proxy configuration
  • Protocol Intelligence - Auto-handles HTTP/1.1, HTTP/2, and HTTP/3 on the same port
  • Military-Grade Security - TLS 1.3 encryption by default (required for HTTP/3)
  • Smart URL Handling - Processes various URL formats without configuration
  • Containerized - Docker and Docker Compose support for effortless deployment
  • Lightweight - Minimal resource footprint with maximum performance

🔧 Requirements

  • Go 1.21+
  • OpenSSL (for certificate generation)
  • Docker and Docker Compose (optional)

🚀 Quick Start

1. Clone the repository

git clone https://git.supernets.org/e/fuckhttp3.git
cd fuckhttp3

2. Generate TLS certificates

HTTP/3 requires TLS certificates. For testing, generate self-signed certificates:

chmod +x generate-certs.sh
./generate-certs.sh

For production, use certificates from a trusted Certificate Authority.

3. Build and run

🧪 Option 1: Using Go directly

go build -o fuckhttp3
./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem --verbose

🐳 Option 2: Using Docker Compose

docker-compose up --build

🎮 Usage

Command-line options

Option Description Default
--addr Address to listen on localhost:8443
--cert Path to certificate file cert.pem
--key Path to private key file key.pem
--target Target address to proxy to (empty = forward proxy)
--verbose Enable verbose logging false

🔄 Forward Proxy Mode

When the --target flag is not provided, operates in forward proxy mode:

./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem

Configure your browser to use localhost:8443 as an HTTPS proxy.

↪️ Reverse Proxy Mode

With the --target flag, operates in reverse proxy mode:

# Various target formats supported
./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem --target=example.com
./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem --target=https://example.com
./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem --target=https://example.com/api

Access at https://localhost:8443 to reach the target.

🧪 Testing the Proxy

Test with curl (if HTTP/3 support is available):

curl --http3 https://localhost:8443 -k

Note: The -k flag bypasses certificate validation for self-signed certificates.

🌐 Browser Testing

  1. Open a browser with HTTP/3 support
  2. Navigate to https://localhost:8443
  3. Accept any certificate warnings
  4. Check network tab in developer tools to confirm HTTP/3 usage

🔒 Client Configuration

Browser Support

Enable HTTP/3 in your browser:

Chrome

  • Open chrome://flags/
  • Search for "HTTP/3"
  • Enable "Experimental QUIC protocol"
  • Restart Chrome

Firefox

  • Open about:config
  • Search for "network.http.http3.enabled"
  • Set to true
  • Restart Firefox

Performance Benefits

  • Zero Round-Trip Time - Faster connection establishment
  • Loss Resilience - Improved performance on unstable networks
  • No Head-of-Line Blocking - Better stream multiplexing
  • Connection Migration - Maintains connections when networks change

🛡️ Security Considerations

  • Use trusted certificates in production
  • Keep the proxy and dependencies updated
  • Consider adding authentication for forward proxy mode
  • Limited CONNECT method implementation in current version

🔍 Troubleshooting

Issue Solution
UDP Buffer Size Warning Normal, won't affect operation
Certificate Issues Verify certificate validity and accessibility
Connection Refused Check both TCP and UDP port accessibility
HTTP/3 Not Working Verify client HTTP/3 support is enabled

👥 Contributing

Contributions welcome! Submit a Pull Request to improve FuckHTTP3.

📜 License

This project is licensed under the supernets license. Get fucked

🙏 Acknowledgments

  • Based on the quic-go library
  • Inspired by other Go proxy implementations

Note: Experimental implementation which may not support all HTTP/3 features. Production use at your own risk.