exit_node responses are viewed as JSON in browser

[Morteza-24]

• using the latest mhrv-rs 1.9.33
• deployed the latest Code.gs on Google Apps Script
• deployed exit_node.ts on Deno and the relay URL correctly returns {"e":"method_not_allowed"} when opened in browser

my config.json :

{
  "mode": "apps_script",
  "google_ip": "216.239.38.120",
  "front_domain": "www.google.com",
  "auth_key": "",
  "script_id": [
	"",
	""
  ],
  "listen_host": "127.0.0.1",
  "listen_port": 8085,
  "socks5_port": 8086,
  "log_level": "info",
  "verify_ssl": true,
  "exit_node": {
    "enabled": true,
    "relay_url": "https://deno-exit-node-example.example.deno.net",
    "psk": "",
    "mode": "selective",
    "hosts": ["chatgpt.com", "claude.ai", "x.com", "grok.com", "openai.com"]
  }
}

When I open websites other than the ones in hosts (such as youtube.com), they are viewed normally. But when I open x.com, for example, I see the following JSON in my browser:

JSON response shown in browser

{
  "s": 200,
  "h": {
    "cache-control": "no-cache, private, must-revalidate, pre-check=0, post-check=0",
    "cf-cache-status": "DYNAMIC",
    "cf-ray": "...",
    "content-security-policy": "...",
    "content-type": "text/html; charset=utf-8",
    "cross-origin-embedder-policy": "unsafe-none",
    "cross-origin-opener-policy": "unsafe-none",
    "date": "Thu, 21 May 2026 07:37:40 GMT",
    "expiry": "Tue, 31 Mar 1981 05:00:00 GMT",
    "last-modified": "Thu, 21 May 2026 07:37:40 GMT",
    "origin-cf-ray": "...",
    "perf": "7402827104",
    "pragma": "no-cache",
    "reporting-endpoints": "coep-report=\"https://x.com/i/coep-report\", coop-report=\"https://x.com/i/coop-report\"",
    "server": "cloudflare envoy",
    "set-cookie": "__cf_bm=...; HttpOnly; SameSite=None; Secure; Path=/; Domain=x.com; Expires=Thu, 21 May 2026 08:07:40 GMT",
    "strict-transport-security": "max-age=631138519; includeSubdomains",
    "vary": "accept-encoding",
    "x-content-type-options": "nosniff",
    "x-frame-options": "DENY",
    "x-powered-by": "Express",
    "x-response-time": "154",
    "x-served-by": "t4_a",
    "x-transaction-id": "84f30733fa93498f",
    "x-xss-protection": "0"
  },
  "b": "..."
}

And here are the logs:

mhrv-rs logs

INFO RLIMIT_NOFILE = 1000000/1000000 (soft/hard), was 1000000/1000000 at startup
WARN mhrv-rs 1.9.33 starting (mode: apps_script)
INFO HTTP proxy   : 127.0.0.1:8085
INFO SOCKS5 proxy : 127.0.0.1:8086
INFO Apps Script relay: SNI=www.google.com -> script.google.com (via 216.239.38.120)
INFO Script IDs: 2 (round-robin)
INFO Loaded MITM CA from /home/morteza24/.config/mhrv-rs/ca/ca.crt
WARN Listening HTTP   on 127.0.0.1:8085 — set your browser HTTP proxy to this address.
WARN Listening SOCKS5 on 127.0.0.1:8086 — xray / Telegram / app-level SOCKS5 clients use this.
INFO h2 connection established to relay edge
INFO h2 fast path active; h1 fallback pool pre-warmed with 2 connection(s)
INFO dispatch www.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> www.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch www.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> www.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch accounts.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> accounts.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch www.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> www.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch www.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> www.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch www.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> www.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch www.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> www.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch ogads-pa.clients6.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> ogads-pa.clients6.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch ogads-pa.clients6.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> ogads-pa.clients6.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch x.com:443 -> MITM + Apps Script relay (TLS detected)
INFO MITM TLS -> x.com:443 (socks_host=x.com, sni=x.com)
INFO dispatch x.com:443 -> MITM + Apps Script relay (TLS detected)
INFO MITM TLS -> x.com:443 (socks_host=x.com, sni=x.com)
INFO relay GET https://x.com/
INFO relay GET https://x.com/?prefetchTimestamp=1779349059411
INFO dispatch play.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> play.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch play.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> play.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch update.googleapis.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> update.googleapis.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch android.clients.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> android.clients.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch mtalk.google.com:5228 -> MITM + Apps Script relay (TLS detected)
INFO MITM TLS -> mtalk.google.com:5228 (socks_host=mtalk.google.com, sni=mtalk.google.com)
INFO dispatch www.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> www.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch ogs.google.com:443 -> sni-rewrite tunnel (Google edge direct)
INFO SNI-rewrite tunnel -> ogs.google.com:443 via 216.239.38.120 (outbound SNI=www.google.com)
INFO dispatch x.com:443 -> MITM + Apps Script relay (TLS detected)
INFO MITM TLS -> x.com:443 (socks_host=x.com, sni=x.com)
INFO relay GET https://x.com/favicon.ico

Am I doing something wrong or is this a bug?

P.S. Thank you for this awesome project and all the time and effort you have put into it ❤️

[Morteza-24]

Also,

$ curl -X POST https://deno-exit-node-example.example.deno.net -H "Content-Type: application/json" -d '{"k":"","u":"https://api.ipify.org/?format=json","m":"GET","h":{}}'

returns:

{"s":200,"h":{"cf-cache-status":"DYNAMIC","cf-ray":"9ff22162d9368ddc-AMS","content-type":"application/json","date":"Thu, 21 May 2026 08:14:56 GMT","server":"cloudflare","vary":"Origin"},"b":"<base64>"}

[Morteza-24]

I have also read a related issue and its responses here and here, but I'm pretty sure I have deployed the latest version of Code.gs.