From 9060b407f7d532ccd01ab74a11a426605d515a25 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 16 May 2026 15:17:38 +0000 Subject: [PATCH 1/6] fix(alicloud_cs): remove RFC8441-incompatible hop-by-hop headers for h2 requests Agent-Logs-Url: https://github.com/OpenListTeam/OpenList-APIPages/sessions/80ed8003-b1f6-4dfd-b485-645bf524f3e3 Co-authored-by: jyxjjj <16695261+jyxjjj@users.noreply.github.com> --- src/driver/alicloud_cs.ts | 34 +++++++++++++++++++++++++++------- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/src/driver/alicloud_cs.ts b/src/driver/alicloud_cs.ts index 8d17719..444f463 100644 --- a/src/driver/alicloud_cs.ts +++ b/src/driver/alicloud_cs.ts @@ -77,8 +77,17 @@ class AlipanQRLogin { }); } - private getHeaders(): Record { - return { + private supportsHttp2(url: string): boolean { + try { + const parsedUrl = new URL(url); + return parsedUrl.protocol === 'https:'; + } catch { + return false; + } + } + + private getHeaders(targetUrl: string): Record { + const headers: Record = { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36', 'Accept': 'application/json, text/plain, */*', 'Accept-Language': 'zh-CN,zh;q=0.9,en;q=0.8', @@ -90,6 +99,17 @@ class AlipanQRLogin { 'Referer': 'https://passport.alipan.com/', 'Origin': 'https://passport.alipan.com' }; + + if (this.supportsHttp2(targetUrl)) { + delete headers.Connection; + delete headers.Upgrade; + delete headers['Proxy-Connection']; + delete headers['Keep-Alive']; + delete headers['Transfer-Encoding']; + delete headers['HTTP2-Settings']; + } + + return headers; } // 获取OAuth认证URL @@ -106,7 +126,7 @@ class AlipanQRLogin { const response = await fetch(`${authUrl}?${params}`, { method: 'GET', - headers: this.getHeaders() + headers: this.getHeaders(authUrl) }); if (response.ok) { @@ -143,7 +163,7 @@ class AlipanQRLogin { const response = await fetch(`${loginUrl}?${params}`, { method: 'GET', - headers: this.getHeaders() + headers: this.getHeaders(loginUrl) }); if (response.ok) { @@ -190,7 +210,7 @@ class AlipanQRLogin { }); const headers = { - ...this.getHeaders(), + ...this.getHeaders(qrUrl), 'X-Requested-With': 'XMLHttpRequest', 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8' }; @@ -250,7 +270,7 @@ class AlipanQRLogin { } const headers = { - ...this.getHeaders(), + ...this.getHeaders(queryUrl), 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8', 'X-Requested-With': 'XMLHttpRequest' }; @@ -705,4 +725,4 @@ export async function genToken(c: Context) { const post_url = "https://openapi.aliyundrive.com/oauth/access_token" return await refresh.pubRenew(c, post_url, params, "POST", "access_token", "refresh_token", "message"); -} \ No newline at end of file +} From 0185492f849f17d62324ca8e42fd8623d203146a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 16 May 2026 15:18:37 +0000 Subject: [PATCH 2/6] refactor(alicloud_cs): simplify h2 header cleanup and rename check method Agent-Logs-Url: https://github.com/OpenListTeam/OpenList-APIPages/sessions/80ed8003-b1f6-4dfd-b485-645bf524f3e3 Co-authored-by: jyxjjj <16695261+jyxjjj@users.noreply.github.com> --- src/driver/alicloud_cs.ts | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/src/driver/alicloud_cs.ts b/src/driver/alicloud_cs.ts index 444f463..ee1cd67 100644 --- a/src/driver/alicloud_cs.ts +++ b/src/driver/alicloud_cs.ts @@ -77,7 +77,7 @@ class AlipanQRLogin { }); } - private supportsHttp2(url: string): boolean { + private mayUseHttp2(url: string): boolean { try { const parsedUrl = new URL(url); return parsedUrl.protocol === 'https:'; @@ -100,13 +100,8 @@ class AlipanQRLogin { 'Origin': 'https://passport.alipan.com' }; - if (this.supportsHttp2(targetUrl)) { + if (this.mayUseHttp2(targetUrl)) { delete headers.Connection; - delete headers.Upgrade; - delete headers['Proxy-Connection']; - delete headers['Keep-Alive']; - delete headers['Transfer-Encoding']; - delete headers['HTTP2-Settings']; } return headers; From f172b4377058357baeaeef665d59e68b6de456b1 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 16 May 2026 15:19:30 +0000 Subject: [PATCH 3/6] refactor(alicloud_cs): add connection header only for non-https requests Agent-Logs-Url: https://github.com/OpenListTeam/OpenList-APIPages/sessions/80ed8003-b1f6-4dfd-b485-645bf524f3e3 Co-authored-by: jyxjjj <16695261+jyxjjj@users.noreply.github.com> --- src/driver/alicloud_cs.ts | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/driver/alicloud_cs.ts b/src/driver/alicloud_cs.ts index ee1cd67..24cd805 100644 --- a/src/driver/alicloud_cs.ts +++ b/src/driver/alicloud_cs.ts @@ -77,7 +77,7 @@ class AlipanQRLogin { }); } - private mayUseHttp2(url: string): boolean { + private isHttpsUrl(url: string): boolean { try { const parsedUrl = new URL(url); return parsedUrl.protocol === 'https:'; @@ -92,7 +92,6 @@ class AlipanQRLogin { 'Accept': 'application/json, text/plain, */*', 'Accept-Language': 'zh-CN,zh;q=0.9,en;q=0.8', 'Accept-Encoding': 'gzip, deflate, br', - 'Connection': 'keep-alive', 'Sec-Fetch-Dest': 'empty', 'Sec-Fetch-Mode': 'cors', 'Sec-Fetch-Site': 'same-site', @@ -100,8 +99,8 @@ class AlipanQRLogin { 'Origin': 'https://passport.alipan.com' }; - if (this.mayUseHttp2(targetUrl)) { - delete headers.Connection; + if (!this.isHttpsUrl(targetUrl)) { + headers.Connection = 'keep-alive'; } return headers; From e380da7c6f78cd0d07beda9535125ac868903aaf Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 16 May 2026 15:20:24 +0000 Subject: [PATCH 4/6] docs(alicloud_cs): clarify https fallback and RFC8441 header rationale Agent-Logs-Url: https://github.com/OpenListTeam/OpenList-APIPages/sessions/80ed8003-b1f6-4dfd-b485-645bf524f3e3 Co-authored-by: jyxjjj <16695261+jyxjjj@users.noreply.github.com> --- src/driver/alicloud_cs.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/driver/alicloud_cs.ts b/src/driver/alicloud_cs.ts index 24cd805..512275e 100644 --- a/src/driver/alicloud_cs.ts +++ b/src/driver/alicloud_cs.ts @@ -82,6 +82,7 @@ class AlipanQRLogin { const parsedUrl = new URL(url); return parsedUrl.protocol === 'https:'; } catch { + // URL 无法解析时按非 HTTPS 处理,避免误判为 H2 路径 return false; } } @@ -99,6 +100,7 @@ class AlipanQRLogin { 'Origin': 'https://passport.alipan.com' }; + // Connection 是 hop-by-hop 头,在 HTTP/2 路径中不应发送(RFC8441 兼容性) if (!this.isHttpsUrl(targetUrl)) { headers.Connection = 'keep-alive'; } From 60d0bac379fcb8e2f55e3ef0dbcf4e7f17914a39 Mon Sep 17 00:00:00 2001 From: ShenLin <773933146@qq.com> Date: Sun, 17 May 2026 04:59:45 +0000 Subject: [PATCH 5/6] revert(alicloud_cs): revert changes from copilot Signed-off-by: GitHub --- src/driver/alicloud_cs.ts | 32 ++++++++------------------------ 1 file changed, 8 insertions(+), 24 deletions(-) diff --git a/src/driver/alicloud_cs.ts b/src/driver/alicloud_cs.ts index 512275e..8d17719 100644 --- a/src/driver/alicloud_cs.ts +++ b/src/driver/alicloud_cs.ts @@ -77,35 +77,19 @@ class AlipanQRLogin { }); } - private isHttpsUrl(url: string): boolean { - try { - const parsedUrl = new URL(url); - return parsedUrl.protocol === 'https:'; - } catch { - // URL 无法解析时按非 HTTPS 处理,避免误判为 H2 路径 - return false; - } - } - - private getHeaders(targetUrl: string): Record { - const headers: Record = { + private getHeaders(): Record { + return { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36', 'Accept': 'application/json, text/plain, */*', 'Accept-Language': 'zh-CN,zh;q=0.9,en;q=0.8', 'Accept-Encoding': 'gzip, deflate, br', + 'Connection': 'keep-alive', 'Sec-Fetch-Dest': 'empty', 'Sec-Fetch-Mode': 'cors', 'Sec-Fetch-Site': 'same-site', 'Referer': 'https://passport.alipan.com/', 'Origin': 'https://passport.alipan.com' }; - - // Connection 是 hop-by-hop 头,在 HTTP/2 路径中不应发送(RFC8441 兼容性) - if (!this.isHttpsUrl(targetUrl)) { - headers.Connection = 'keep-alive'; - } - - return headers; } // 获取OAuth认证URL @@ -122,7 +106,7 @@ class AlipanQRLogin { const response = await fetch(`${authUrl}?${params}`, { method: 'GET', - headers: this.getHeaders(authUrl) + headers: this.getHeaders() }); if (response.ok) { @@ -159,7 +143,7 @@ class AlipanQRLogin { const response = await fetch(`${loginUrl}?${params}`, { method: 'GET', - headers: this.getHeaders(loginUrl) + headers: this.getHeaders() }); if (response.ok) { @@ -206,7 +190,7 @@ class AlipanQRLogin { }); const headers = { - ...this.getHeaders(qrUrl), + ...this.getHeaders(), 'X-Requested-With': 'XMLHttpRequest', 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8' }; @@ -266,7 +250,7 @@ class AlipanQRLogin { } const headers = { - ...this.getHeaders(queryUrl), + ...this.getHeaders(), 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8', 'X-Requested-With': 'XMLHttpRequest' }; @@ -721,4 +705,4 @@ export async function genToken(c: Context) { const post_url = "https://openapi.aliyundrive.com/oauth/access_token" return await refresh.pubRenew(c, post_url, params, "POST", "access_token", "refresh_token", "message"); -} +} \ No newline at end of file From 634a15cc411cfadf387b20c9522cbe529137627a Mon Sep 17 00:00:00 2001 From: ShenLin <773933146@qq.com> Date: Sun, 17 May 2026 05:00:50 +0000 Subject: [PATCH 6/6] fix(alicloud_cs): remove RFC8441-incompatible Connection header Signed-off-by: GitHub --- src/driver/alicloud_cs.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/driver/alicloud_cs.ts b/src/driver/alicloud_cs.ts index 8d17719..6b9e26c 100644 --- a/src/driver/alicloud_cs.ts +++ b/src/driver/alicloud_cs.ts @@ -83,7 +83,6 @@ class AlipanQRLogin { 'Accept': 'application/json, text/plain, */*', 'Accept-Language': 'zh-CN,zh;q=0.9,en;q=0.8', 'Accept-Encoding': 'gzip, deflate, br', - 'Connection': 'keep-alive', 'Sec-Fetch-Dest': 'empty', 'Sec-Fetch-Mode': 'cors', 'Sec-Fetch-Site': 'same-site', @@ -705,4 +704,4 @@ export async function genToken(c: Context) { const post_url = "https://openapi.aliyundrive.com/oauth/access_token" return await refresh.pubRenew(c, post_url, params, "POST", "access_token", "refresh_token", "message"); -} \ No newline at end of file +}