serv00搭建的NewAPI已经会被拦截403了吗?
- 内容介绍
- 文章标签
- 相关推荐
怎么我搭建的Newapi明明curl能访问,codex就是会报403,nginx的锅吗?
curl -s -H "Authorization: Bearer sk-xxx" \
-H "Content-Type: application/json" \
-d '{"model":"gpt-5.4","input":[{"role":"user","content":"test"}]}' \
https://x.serv00.net/v1/responses
{"id":"resp_0b470a625ca3f33b0169ccb4c10a688191b2e618671ac9fc5b","object":"response","created_at":1775023297,"status":"completed","background":false,"completed_at":1775023297,"error":null,"frequency_penalty":0.0,"incomplete_details":null,"instructions":null,"max_output_tokens":null,"max_tool_calls":null,"model":"gpt-5.4","output":[{"id":"msg_0b470a625ca3f33b0169ccb4c179048191a4463098508a07d6","type":"message","status":"completed","content":[{"type":"output_text","annotations":[],"logprobs":[],"text":"Hello! How can I help?"}],"phase":"final_answer","role":"assistant"}],"parallel_tool_calls":true,"presence_penalty":0.0,"previous_response_id":null,"prompt_cache_key":"12c90f07-9377-4fcc-96cb-d25a981d6d9c","prompt_cache_retention":null,"reasoning":{"effort":"none","summary":null},"safety_identifier":"user-7QjViCA9fQmSTb0xxlVAsluM","service_tier":"default","store":false,"temperature":1.0,"text":{"format":{"type":"text"},"verbosity":"medium"},"tool_choice":"auto","tool_usage":{"image_gen":{"input_tokens":0,"input_tokens_details":{"image_tokens":0,"text_tokens":0},"output_tokens":0,"output_tokens_details":{"image_tokens":0,"text_tokens":0},"total_tokens":0},"web_search":{"num_requests":0}},"tools":[],"top_logprobs":0,"top_p":0.98,"truncation":"disabled","usage":{"input_tokens":7,"input_tokens_details":{"cached_tokens":0},"output_tokens":11,"output_tokens_details":{"reasoning_tokens":0},"total_tokens":18},"user":null,"metadata":{}}%
curl -I -H "Authorization: Bearer sk-xxx" \
https://x.serv00.net/v1/responses
HTTP/2 404
server: nginx
date: Wed, 01 Apr 2026 06:02:16 GMT
content-type: application/json; charset=utf-8
content-length: 108
cache-control: max-age=604800
cache-version: b688f2fb5be447c25e5aa3bd063087a83db32a288bf6a4f35f2d8db310e40b14
x-new-api-version: v0.0.0
x-oneapi-request-id: 20260401060216243017674EIgy7hRc
codex无论是工具还是vscode的插件,都报403:
unexpected status 403 Forbidden: <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>nginx</center> </body> </html>, url: https://x.serv00.net/v1/responses
人都麻了,有没有大佬帮忙看看,上午都好好的,感觉会不会是和昨天的**【安全预警】2026-03-31 知名 JavaScript 请求库 Axios 遭遇 NPM 供应链投毒攻击**又关系呢?
发现新的问题了,好像不是因为UA问题,好像是长链的问题,codex官方今天升级长链了吗?
我本地拦截看到是websocket???
[>> 请求发出] GET /v1/responses
[>> 请求头]: {
host: '127.0.0.1:3000',
connection: 'Upgrade',
upgrade: 'websocket',
'sec-websocket-version': '13',
'sec-websocket-key': 'guP2Ek6AvK897+GTC1abSg==',
authorization: 'Bearer sk-xxx',
originator: 'codex_vscode',
'openai-beta': 'responses_websockets=2026-02-06',
session_id: '019d47e4-dd8c-7620-a252-7cd000273e94',
'x-client-request-id': '019d47e4-dd8c-7620-a252-7cd000273e94',
version: '0.118.0-alpha.2',
'x-codex-turn-metadata': '{"session_id":"019d47e4-dd8c-7620-a252-7cd000273e94","turn_id":"019d47e7-f35c-7c92-b8b0-1f5b390cf4bc","sandbox":"seatbelt"}',
'sec-websocket-extensions': 'permessage-deflate; client_max_window_bits'
}
网友解答:
--【壹】--:
也没开ws,现在opencode,kelivo都基本403
--【贰】--:
大概率是 serv00 那层按 UA 拦了,拿 codex 的请求头原样用 curl 重放一下。
--【叁】--:
ws的问题,把ws关了,或者换老版本插件
--【肆】--:
你的意思拦截一下codex的请求,然后用curl模拟codex请求头来试试哇?我这样试过,所以基本上确定是UA问题,不知道为啥serv00突然拦codex的UA,前几天都好好的,今天上午突然就G了
--【伍】--:
好像是webscoket的问题,最新的codex全都用长链了吗
--【陆】--:
实测有效,感谢佬提供解决方案,帮大忙了。
--【柒】--:
好像是webscoket的问题
--【捌】--:
改完了,这下好多了,没想过还要设置这个的
--【玖】--:
感觉除了claw好一些,其他客户端请求都不太行
--【拾】--:
我也怀疑User-Agent,但是没有证据,感觉好像是serv00的ngix把codex的请求给拦下来了
--【拾壹】--:
devil www options 你的域名 waf 0
devil www options 你的域名 pow 0
--【拾贰】--:
有可能是User-Agent的锅
--【拾叁】--:
中转站请求有办法加请求头吗?我搭的cpa也老是403了,难受
怎么我搭建的Newapi明明curl能访问,codex就是会报403,nginx的锅吗?
curl -s -H "Authorization: Bearer sk-xxx" \
-H "Content-Type: application/json" \
-d '{"model":"gpt-5.4","input":[{"role":"user","content":"test"}]}' \
https://x.serv00.net/v1/responses
{"id":"resp_0b470a625ca3f33b0169ccb4c10a688191b2e618671ac9fc5b","object":"response","created_at":1775023297,"status":"completed","background":false,"completed_at":1775023297,"error":null,"frequency_penalty":0.0,"incomplete_details":null,"instructions":null,"max_output_tokens":null,"max_tool_calls":null,"model":"gpt-5.4","output":[{"id":"msg_0b470a625ca3f33b0169ccb4c179048191a4463098508a07d6","type":"message","status":"completed","content":[{"type":"output_text","annotations":[],"logprobs":[],"text":"Hello! How can I help?"}],"phase":"final_answer","role":"assistant"}],"parallel_tool_calls":true,"presence_penalty":0.0,"previous_response_id":null,"prompt_cache_key":"12c90f07-9377-4fcc-96cb-d25a981d6d9c","prompt_cache_retention":null,"reasoning":{"effort":"none","summary":null},"safety_identifier":"user-7QjViCA9fQmSTb0xxlVAsluM","service_tier":"default","store":false,"temperature":1.0,"text":{"format":{"type":"text"},"verbosity":"medium"},"tool_choice":"auto","tool_usage":{"image_gen":{"input_tokens":0,"input_tokens_details":{"image_tokens":0,"text_tokens":0},"output_tokens":0,"output_tokens_details":{"image_tokens":0,"text_tokens":0},"total_tokens":0},"web_search":{"num_requests":0}},"tools":[],"top_logprobs":0,"top_p":0.98,"truncation":"disabled","usage":{"input_tokens":7,"input_tokens_details":{"cached_tokens":0},"output_tokens":11,"output_tokens_details":{"reasoning_tokens":0},"total_tokens":18},"user":null,"metadata":{}}%
curl -I -H "Authorization: Bearer sk-xxx" \
https://x.serv00.net/v1/responses
HTTP/2 404
server: nginx
date: Wed, 01 Apr 2026 06:02:16 GMT
content-type: application/json; charset=utf-8
content-length: 108
cache-control: max-age=604800
cache-version: b688f2fb5be447c25e5aa3bd063087a83db32a288bf6a4f35f2d8db310e40b14
x-new-api-version: v0.0.0
x-oneapi-request-id: 20260401060216243017674EIgy7hRc
codex无论是工具还是vscode的插件,都报403:
unexpected status 403 Forbidden: <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>nginx</center> </body> </html>, url: https://x.serv00.net/v1/responses
人都麻了,有没有大佬帮忙看看,上午都好好的,感觉会不会是和昨天的**【安全预警】2026-03-31 知名 JavaScript 请求库 Axios 遭遇 NPM 供应链投毒攻击**又关系呢?
发现新的问题了,好像不是因为UA问题,好像是长链的问题,codex官方今天升级长链了吗?
我本地拦截看到是websocket???
[>> 请求发出] GET /v1/responses
[>> 请求头]: {
host: '127.0.0.1:3000',
connection: 'Upgrade',
upgrade: 'websocket',
'sec-websocket-version': '13',
'sec-websocket-key': 'guP2Ek6AvK897+GTC1abSg==',
authorization: 'Bearer sk-xxx',
originator: 'codex_vscode',
'openai-beta': 'responses_websockets=2026-02-06',
session_id: '019d47e4-dd8c-7620-a252-7cd000273e94',
'x-client-request-id': '019d47e4-dd8c-7620-a252-7cd000273e94',
version: '0.118.0-alpha.2',
'x-codex-turn-metadata': '{"session_id":"019d47e4-dd8c-7620-a252-7cd000273e94","turn_id":"019d47e7-f35c-7c92-b8b0-1f5b390cf4bc","sandbox":"seatbelt"}',
'sec-websocket-extensions': 'permessage-deflate; client_max_window_bits'
}
网友解答:
--【壹】--:
也没开ws,现在opencode,kelivo都基本403
--【贰】--:
大概率是 serv00 那层按 UA 拦了,拿 codex 的请求头原样用 curl 重放一下。
--【叁】--:
ws的问题,把ws关了,或者换老版本插件
--【肆】--:
你的意思拦截一下codex的请求,然后用curl模拟codex请求头来试试哇?我这样试过,所以基本上确定是UA问题,不知道为啥serv00突然拦codex的UA,前几天都好好的,今天上午突然就G了
--【伍】--:
好像是webscoket的问题,最新的codex全都用长链了吗
--【陆】--:
实测有效,感谢佬提供解决方案,帮大忙了。
--【柒】--:
好像是webscoket的问题
--【捌】--:
改完了,这下好多了,没想过还要设置这个的
--【玖】--:
感觉除了claw好一些,其他客户端请求都不太行
--【拾】--:
我也怀疑User-Agent,但是没有证据,感觉好像是serv00的ngix把codex的请求给拦下来了
--【拾壹】--:
devil www options 你的域名 waf 0
devil www options 你的域名 pow 0
--【拾贰】--:
有可能是User-Agent的锅
--【拾叁】--:
中转站请求有办法加请求头吗?我搭的cpa也老是403了,难受