HTTP/2 protocol error: Received header value surrounded by whitespace

This check can be disabled in mitmproxy 8 using the validate_inbound_headers option. 😃

The problem is YouTube’s user agent, which incorrectly has a space at the end. We turned on some additional HTTP header validation in 7.0.3 to prevent request smuggling. Looks like we should only turn on what we need for that.

On Sat, 2 Oct 2021, 17:12 trungtly, @.***> wrote:

Thanks Maxim, 7.0.2 works perfectly. Actually 7.0.3 has been working well until midnight yesterday. Could it be some change in the certificate that causes the bug? Thanks a lot for your help.

On Sun, Oct 3, 2021 at 12:44 AM Maximilian Hils @.***> wrote:

Thanks. Could you try if 7.0.2 (not 7.0.3/7.0.4) works?

On Sat, 2 Oct 2021, 15:52 trungtly, @.***> wrote:

Problem Description

Youtube iOS app unable to connect through mitmproxy. The event log is as below

Web server listening at http://127.0.0.1:8081/ Proxy server listening at http://*:8080192.168.1.106:50388: client connect192.168.1.106:51246: client connect192.168.1.106:51247: client connect192.168.1.106:50388: server connect r1—sn-u2bpouxgoxu-hxay.googlevideo.com:443 (202.7.223.140:443) 192.168.1.106:51248: client connect192.168.1.106:51246: server connect notifications-pa.googleapis.com:443 (142.250.70.138:443) 192.168.1.106:51247: server connect youtubei.googleapis.com:443 ( 142.250.70.170:443)192.168.1.106:51248: server connect inappcheck.itunes.apple.com:443 (23.199.68.241:443)192.168.1.106:50389: client connect192.168.1.106:51249: client connect192.168.1.106:50388: client disconnect192.168.1.106:51247: 192.168.1.106:51247: HTTP/2 protocol error: Received header value surrounded by whitespace b’com.google.ios.youtube/16.38.2 (iPhone9,4; U; CPU iOS 14_7_1 like Mac OS X; en_AU) '192.168.1.106:51248: Client TLS handshake failed. The client disconnected during the handshake. If this happens consistently for inappcheck.itunes.apple.com, this may indicate that the client does not trust the proxy’s certificate.192.168.1.106:51248: client disconnect192.168.1.106:51247: client disconnect

Steps to reproduce the behavior:

1. Launch mitmweb on macbook
2. Connect iPhone 7 to the proxy
3. Open Youtube iOS app

System Information

Mitmproxy: 7.0.3 Python: 3.9.7 OpenSSL: OpenSSL 1.1.1l 24 Aug 2021 Platform: macOS-11.6-x86_64-i386-64bit

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/mitmproxy/mitmproxy/issues/4836, or unsubscribe <

https://github.com/notifications/unsubscribe-auth/AAHY2PRZNJX2HXJP3OMOYBLUE4FABANCNFSM5FGNWE4Q

. Triage notifications on the go with GitHub Mobile for iOS <

https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675

or Android <

https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub

.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub < https://github.com/mitmproxy/mitmproxy/issues/4836#issuecomment-932763873 , or unsubscribe < https://github.com/notifications/unsubscribe-auth/AM4B3ZNDKKHIGYH5UQGRBDLUE4LEZANCNFSM5FGNWE4Q

. Triage notifications on the go with GitHub Mobile for iOS < https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675

or Android < https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/mitmproxy/mitmproxy/issues/4836#issuecomment-932768273, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHY2PS7VKWG2Q4OBEUPHW3UE4OO5ANCNFSM5FGNWE4Q . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.