v1.6.2: fix "every download capped at 256 KB" (fix #162)

In `relay_parallel_range`, when a chunk failed validation
(`extract_exact_range_body` returned Err) OR the stitched body length
didn't match the advertised total, the fallback path called
`rewrite_206_to_200(&first)` — which converted the 256 KiB probe
response into HTTP 200 + Content-Length=262144 and returned that as
if it were the full file. Browsers saw a complete-looking 200 and
treated the download as finished at 256 KB.

Common triggers for the chunk-validation failure (per the user
reports):
- Apps Script's UrlFetchApp stripping `Content-Range` from chunk
  responses while preserving it on the probe
- Origin returning 200-OK on follow-up Range requests (some servers
  flatten ranges after the first one)
- Mismatched `total` field across chunks for paths behind a varying
  cache layer

The correct fallback is a single GET without any Range header —
Apps Script fetches the whole URL (up to its 50 MiB cap) and
returns a normal 200 with the complete body. Slower than parallel
for large files but produces a correct response, which is the
minimum bar.

Two independent reports (Ehsan in #162, Recruit1992 confirming).
98 lib tests still pass; existing `validate_probe_range_rejects_*`
and `extract_exact_range_body_*` tests already cover the validation
side, the fallback path is observed integration-testing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: therealaleph

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "mhrv-rs"
-version = "1.6.1"
+version = "1.6.2"
 edition = "2021"
 description = "Rust port of MasterHttpRelayVPN -- DPI bypass via Google Apps Script relay with domain fronting"
 license = "MIT"

Cargo.toml

@@ -14,8 +14,8 @@ android {
         applicationId = "com.therealaleph.mhrv"
         minSdk = 24 // Android 7.0 — covers 99%+ of live devices.
         targetSdk = 34
-        versionCode = 140
-        versionName = "1.6.1"
+        versionCode = 141
+        versionName = "1.6.2"
 
         // Ship all four mainstream Android ABIs:
         //   - arm64-v8a      — 95%+ of real-world Android phones since 2019

android/app/build.gradle.kts

@@ -0,0 +1,4 @@
+<!-- see docs/changelog/v1.1.0.md for the file format: Persian, then `---`, then English. -->
+• رفع باگ "همهٔ دانلودها روی ۲۵۶ کیلوبایت قطع میشن" ([#162](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/issues/162)): در relay range-parallel، اگه validation هر chunk رد می‌شد (مثلاً Apps Script هدر `Content-Range` رو حذف می‌کرد، یا origin روی chunkهای بعدی به جای 206 یه 200 برمی‌گردوند)، fallback اشتباهی پاسخ probe (یعنی فقط ۲۵۶ کیلوبایت اول) رو به‌عنوان فایل کامل برمی‌گردوند. مرورگر `HTTP 200` با `Content-Length=262144` می‌دید و دانلود رو "کامل" تلقی می‌کرد. حالا fallback یک GET تک‌مرحله‌ای جدید بدون Range هدر می‌فرسته که Apps Script کل URL رو fetch کنه (تا سقف ۵۰ مگ). برای فایل‌های بزرگ‌تر کندتره از مسیر parallel، ولی پاسخ کامل می‌ده — که اون چیزی هست که اهمیت داره. ۲ کاربر مستقل این رو ریپورت کردن (Ehsan، Recruit1992)
+---
+• Fix "every download capped at 256 KB" bug ([#162](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/issues/162)): in range-parallel relay, when any chunk failed validation (e.g. Apps Script stripping the `Content-Range` header on follow-up chunks, or origin returning 200-instead-of-206 on later chunks), the fallback path silently returned the probe response (the first 256 KiB) as if it were the full file. Browsers saw `HTTP 200` with `Content-Length=262144` and treated the download as complete. The fallback now does a fresh single GET without the Range header, letting Apps Script fetch the full URL (up to its 50 MiB cap). Slower than the parallel path for large files, but produces a complete response — which is what matters. Two independent users (Ehsan, Recruit1992) reported this; closed-loop with both

docs/changelog/v1.6.2.md

@@ -765,24 +765,39 @@ impl DomainFronter {
             match chunk {
                 Ok(chunk) => full.extend_from_slice(&chunk),
                 Err(reason) => {
+                    // Issue #162: silently rewriting the probe to a 200
+                    // here truncates the response to whatever the probe
+                    // saw (typically 256 KiB — the chunk size). Browsers
+                    // see HTTP 200 + Content-Length=262144 and treat
+                    // the download as complete; users reported "every
+                    // file capped at 256 KB" because every download
+                    // that hit this failure path landed there. Common
+                    // triggers: Apps Script stripping Content-Range,
+                    // origin returning 200-instead-of-206 on later
+                    // chunks, total mismatch across chunks. Correct
+                    // recovery is a fresh single GET — Apps Script
+                    // fetches the full URL up to its 50 MiB cap. Slow
+                    // for big files vs. the parallel path but produces
+                    // a complete response, which is what matters.
                     tracing::warn!(
-                        "range-parallel: invalid chunk {}-{} for {} ({}); falling back to probe response",
-                        start,
-                        end,
-                        url,
-                        reason,
+                        "range-parallel: invalid chunk {}-{} for {} ({}); falling back to single GET",
+                        start, end, url, reason,
                     );
-                    return rewrite_206_to_200(&first);
+                    return self.relay(method, url, headers, body).await;
                 }
             }
         }
 
         if (full.len() as u64) != total {
+            // Same fallback rationale as the chunk-validation case
+            // above: returning the probe truncates to 256 KiB. Single
+            // GET is the only way to give the user a complete file
+            // when the parallel stitch can't be trusted.
             tracing::warn!(
-                "range-parallel: stitched {}/{} bytes for {}; falling back to probe response",
+                "range-parallel: stitched {}/{} bytes for {}; falling back to single GET",
                 full.len(), total, url,
             );
-            return rewrite_206_to_200(&first);
+            return self.relay(method, url, headers, body).await;
         }
 
         // Build a 200 OK with Content-Length = full body length. Drop