fix(lanzou): handle acw_sc__v2 anti-crawler challenge on all requests#9548
Merged
Conversation
The acw_sc__v2 challenge can be served on any pan.lanzoui.com request (share page, iframe page, ajaxm.php), but it was only handled for the first share page. This caused intermittent failures: - "uid variable not find" when mydisk.php returned the challenge on init - "not find data" when the iframe download page returned the challenge - empty "failed get link" when ajaxm.php POST returned the challenge (the challenge HTML was parsed as JSON, zt=0 -> empty info) Also fix HexXor, which was broken since the driver was introduced and made every challenge unsolvable: - bytes.NewBuffer(make([]byte, len(hex1))) prefixed the result with len(hex1) null bytes - missing zero-padding produced a single hex char when xor result < 0x10, misaligning the whole string Move the challenge solve/retry loop down into request() so every GET/POST transparently handles it, and simplify getHtml accordingly.
JoaHuang
approved these changes
Jun 1, 2026
skysliences
approved these changes
Jun 1, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
问题
蓝奏云(账号密码登录)能列文件,但获取下载地址间歇性失败,报错形式不一:
failed get link: acw_sc__v2 validation errorfailed get link: not find datafailed get link:(message 为空)Failed init storage: uid variable not find根因
蓝奏云的
acw_sc__v2反爬挑战会出现在任意pan.lanzoui.com请求上(分享页、iframe 下载页、ajaxm.php),以及初始化时的pc.woozooo.com/mydisk.php。但原代码只对第一个分享页做了挑战处理,导致:mydisk.php返回挑战页 → 找不到uid=→uid variable not findnot find dataajaxm.php的 POST 返回挑战页 → 被当成 JSON 解析,zt=0走 default 分支且info为空 → 空错误此外
HexXor自驱动引入起就是坏的,使得挑战根本无法被正确求解:bytes.NewBuffer(make([]byte, len(hex1)))用的是长度而非容量,结果被len(hex1)个\x00前缀污染;< 0x10时只输出一个十六进制字符,导致整串错位/长度不足。改动
HexXor:改用strings.Builder+%02x补零,并修正循环边界。request(),所有 GET/POST 透明解挑战(最多 3 次)。getHtml,getVeiAndUid/getShareUrlHtml/ iframe 页统一走该链路。验证
用真实账号密码联调(账号密码登录):
ajaxm.phpPOST 被挑战,空错误)。webgetstore.com/lanosso.com);mydisk.php的 uid/vei 正常获取。仅改动
drivers/lanzou/help.go与drivers/lanzou/util.go,go build ./drivers/lanzou/通过。