Commit graph

17 commits

Author SHA1 Message Date
ggramaize d3a5129f1f [Security] Don't leak proxy credentials to target 2018-08-30 22:06:27 +05:30
ggramaize 64ad54f670 Fix RFC7235 violation 2018-08-28 22:44:04 +05:30
Barna Csorogi 6760ec46a2 use string instead of *string for Proxy.cert
Makes it easier to check for default values.
Fixes #37.
2018-04-06 12:37:45 +08:00
Barna Csorogi eb0b8469a9 use the correct signature algorithm for mitm certs
Use the signature algorithm of the provided CA rather than the one from
the server cert.
2018-02-05 01:37:10 +01:00
Barna Csorogi 47488248d2 add dummy implementation for mitmConn.LocalAddr()
Fixes panic due to unimplemented method when the stdlib http server
calls this under certain conditions.
For our mitm implementation of net.Conn, an empty address string should be sufficient.
2018-02-05 01:21:11 +01:00
Andrew Gaul f69a0b7e0e Serve diagnostics and CA certificate
Fixes #21.  Reference:

https://mtersch.wordpress.com/2015/03/17/certificate-import-in-firefox-on-android/
2017-08-20 21:59:04 -07:00
Andrew Gaul 703cb4adaf Check HTTP auth before allowing CONNECT 2017-08-20 21:57:07 -07:00
Andrew Gaul 69b89413bd Add optional HTTP BASIC authorization
Fixes #18.
2017-08-19 11:23:02 -07:00
Barna Csorogi 8ac256351f turn mitm conn Set[Read|Write]Deadline methods into noops
Timeouts should be handled by the http stack for the underlying tcp
connections so noops are appropriate for this virtual connection. No
need to panic.
2017-06-09 15:17:24 +02:00
Andrew Gaul 11a40b5051 Honor Accept-Encoding header in gzip transcoder
This avoids sending compressed data to clients which do not support
it.
2017-01-14 15:33:35 -08:00
Barna Csorogi 480053a71a fix: allow ResponseReader.Reader to be wrapped by transcoders
fixes -minify errors
2017-01-14 03:44:07 +01:00
Andrew Gaul 1d5b6eff72 Add logging for startup and transcoded bytes 2017-01-13 14:09:56 -08:00
Barna Csorogi f9a6377450 fix mitm for http1 proxy connections
Add back Hijacking support for http1.1 CONNECT requests.
2016-03-28 18:28:51 +02:00
Barna Csorogi fd53c9cb8c fix http requests over https proxy connection
Reconstruct the schema of the proxied request if it's not filled out.
2016-03-26 19:02:40 +01:00
Barna Csorogi a4a691b7b8 add http2 support
Add http2 using the go-1.6 net/http built-in support.

net/http's http2 doesn't support hijacking, so instead of hijacking the
inital CONNECT tcp connection, tunnel proxied requests/responses over
the reader and writer streams of the CONNECT request.
2016-03-26 18:56:50 +01:00
Barna Csorogi 9bf55d29a9 proxy header-only responses properly
fixes redirects
2015-03-29 16:12:15 +02:00
Barna Csorogi 343bdd5266 initial commit 2015-03-28 23:07:40 +01:00