166 lines
4.5 KiB
Markdown
166 lines
4.5 KiB
Markdown
# 🚀 FuckHTTP3
|
|
|
|
A high-performance HTTP/3 proxy implementation in Go using the QUIC protocol, designed to break through limitations with style.
|
|
|
|
> *Speed. Security. Simplicity.*
|
|
|
|
## ✨ Features
|
|
|
|
- **Ultra-Fast Performance** - Built on HTTP/3 with QUIC protocol for blazing speed
|
|
- **Dual Proxy Modes** - Operate in forward or reverse proxy configuration
|
|
- **Protocol Intelligence** - Auto-handles HTTP/1.1, HTTP/2, and HTTP/3 on the same port
|
|
- **Military-Grade Security** - TLS 1.3 encryption by default (required for HTTP/3)
|
|
- **Smart URL Handling** - Processes various URL formats without configuration
|
|
- **Containerized** - Docker and Docker Compose support for effortless deployment
|
|
- **Lightweight** - Minimal resource footprint with maximum performance
|
|
|
|
## 🔧 Requirements
|
|
|
|
- Go 1.21+
|
|
- OpenSSL (for certificate generation)
|
|
- Docker and Docker Compose (optional)
|
|
|
|
## 🚀 Quick Start
|
|
|
|
### 1. Clone the repository
|
|
|
|
```bash
|
|
git clone https://github.com/yourusername/fuckhttp3.git
|
|
cd fuckhttp3
|
|
```
|
|
|
|
### 2. Generate TLS certificates
|
|
|
|
HTTP/3 requires TLS certificates. For testing, generate self-signed certificates:
|
|
|
|
```bash
|
|
chmod +x generate-certs.sh
|
|
./generate-certs.sh
|
|
```
|
|
|
|
For production, use certificates from a trusted Certificate Authority.
|
|
|
|
### 3. Build and run
|
|
|
|
#### 🧪 Option 1: Using Go directly
|
|
|
|
```bash
|
|
go build -o fuckhttp3
|
|
./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem --verbose
|
|
```
|
|
|
|
#### 🐳 Option 2: Using Docker Compose
|
|
|
|
```bash
|
|
docker-compose up --build
|
|
```
|
|
|
|
## 🎮 Usage
|
|
|
|
### Command-line options
|
|
|
|
| Option | Description | Default |
|
|
|--------|-------------|---------|
|
|
| `--addr` | Address to listen on | `localhost:8443` |
|
|
| `--cert` | Path to certificate file | `cert.pem` |
|
|
| `--key` | Path to private key file | `key.pem` |
|
|
| `--target` | Target address to proxy to | (empty = forward proxy) |
|
|
| `--verbose` | Enable verbose logging | `false` |
|
|
|
|
### 🔄 Forward Proxy Mode
|
|
|
|
When the `--target` flag is not provided, operates in forward proxy mode:
|
|
|
|
```bash
|
|
./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem
|
|
```
|
|
|
|
Configure your browser to use `localhost:8443` as an HTTPS proxy.
|
|
|
|
### ↪️ Reverse Proxy Mode
|
|
|
|
With the `--target` flag, operates in reverse proxy mode:
|
|
|
|
```bash
|
|
# Various target formats supported
|
|
./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem --target=example.com
|
|
./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem --target=https://example.com
|
|
./fuckhttp3 --addr=localhost:8443 --cert=cert.pem --key=key.pem --target=https://example.com/api
|
|
```
|
|
|
|
Access at `https://localhost:8443` to reach the target.
|
|
|
|
## 🧪 Testing the Proxy
|
|
|
|
Test with curl (if HTTP/3 support is available):
|
|
|
|
```bash
|
|
curl --http3 https://localhost:8443 -k
|
|
```
|
|
|
|
> Note: The `-k` flag bypasses certificate validation for self-signed certificates.
|
|
|
|
### 🌐 Browser Testing
|
|
|
|
1. Open a browser with HTTP/3 support
|
|
2. Navigate to `https://localhost:8443`
|
|
3. Accept any certificate warnings
|
|
4. Check network tab in developer tools to confirm HTTP/3 usage
|
|
|
|
## 🔒 Client Configuration
|
|
|
|
### Browser Support
|
|
|
|
Enable HTTP/3 in your browser:
|
|
|
|
#### Chrome
|
|
- Open `chrome://flags/`
|
|
- Search for "HTTP/3"
|
|
- Enable "Experimental QUIC protocol"
|
|
- Restart Chrome
|
|
|
|
#### Firefox
|
|
- Open `about:config`
|
|
- Search for "network.http.http3.enabled"
|
|
- Set to `true`
|
|
- Restart Firefox
|
|
|
|
## ⚡ Performance Benefits
|
|
|
|
- **Zero Round-Trip Time** - Faster connection establishment
|
|
- **Loss Resilience** - Improved performance on unstable networks
|
|
- **No Head-of-Line Blocking** - Better stream multiplexing
|
|
- **Connection Migration** - Maintains connections when networks change
|
|
|
|
## 🛡️ Security Considerations
|
|
|
|
- Use trusted certificates in production
|
|
- Keep the proxy and dependencies updated
|
|
- Consider adding authentication for forward proxy mode
|
|
- Limited CONNECT method implementation in current version
|
|
|
|
## 🔍 Troubleshooting
|
|
|
|
| Issue | Solution |
|
|
|-------|----------|
|
|
| UDP Buffer Size Warning | Normal, won't affect operation |
|
|
| Certificate Issues | Verify certificate validity and accessibility |
|
|
| Connection Refused | Check both TCP and UDP port accessibility |
|
|
| HTTP/3 Not Working | Verify client HTTP/3 support is enabled |
|
|
|
|
## 👥 Contributing
|
|
|
|
Contributions welcome! Submit a Pull Request to improve FuckHTTP3.
|
|
|
|
## 📜 License
|
|
|
|
This project is licensed under the SuperNets License.
|
|
|
|
## 🙏 Acknowledgments
|
|
|
|
- Based on the quic-go library
|
|
- Inspired by other Go proxy implementations
|
|
|
|
---
|
|
|
|
**Note**: Experimental implementation which may not support all HTTP/3 features. Production use at your own risk. |