// the find
yonggekkk/Cloudflare-vless-trojan
CF-workers/pages代理脚本:支持Vless-ws(tls)、Trojan-ws(tls);Socks5/http本地代理脚本:可选ECH-TLS、普通TLS、无TLS三种代理模式
A Cloudflare Workers/Pages script that runs VLESS and Trojan proxy protocols over WebSocket, turning free CF accounts into censorship circumvention nodes. Targets users in China who need to bypass the GFW. The socks5/http local proxy mode with ECH support is a newer addition aimed at router-level deployment.
The ECH-TLS mode is a technically sound approach to hiding SNI from deep packet inspection — encrypting the ClientHello means the firewall can't see the destination hostname. The NAT64 variant auto-fills proxyIP without user configuration, which removes a common setup failure point. The project ships pre-built binaries for a wide range of architectures (mips64, arm, amd64, etc.) so it works on the cheap MIPS routers common in this use case. Configuration is entirely local — no external subscription converter needed, which is a real privacy win over the common alternative.
The README itself notes that TLS fragmentation on Workers domains 'may already be ineffective', meaning one of the main GFW bypass techniques is potentially dead and the docs haven't caught up. The default UUID/password ('万人骑' — literally 'ten thousand people ride') is shared across all lazy installs; anyone using defaults is on a known-compromised credential. The codebase credits ChatGPT for integration and mixes code from at least five other projects — there's no coherent ownership and security auditing this is practically impossible. Binary blobs checked into the repo (pre-built executables for multiple platforms) with no reproducible build process is a supply chain red flag.