titanium-web-proxy
titanium-web-proxy copied to clipboard
justcoding121
Do I need to install a new certificate for IOS every time I start the program? Failure without installation?
Do I need to install a new certificate for IOS every time I start the program? Failure without installation?
proxyServer.CertificateManager.CreateRootCertificate(false); proxyServer.CertificateManager.TrustRootCertificate(); proxyServer.CertificateManager.TrustRootCertificateAsAdmin(); //File.WriteAllBytes(" ca.cer",proxyServer.CertificateManager.RootCertificate.Export(System.Security.Cryptography.X509Certificates.X509ContentType.Cert));
You don't have to create and trust it every time... just create it once, store it somewhere and in the next start set it before you start the proxy.
I will, thank you, I want to know, if I don't modify the network data, can I let users do not need trust certificates? Like an HTTP proxy server. What's more, if I want the user to enter the account and password, my server can do the verification code?
Yes, of couse it is possible to use proxy without own certificates. In this case you can see in TWP only the HTTP traffic (and you can even modify that) and the encrypted HTTPS traffic.
You mean proxy server authentication? Yes, you can require that from the users.
If I do n’t set a certificate and the user uses a proxy, can https work properly? Can I intercept it? I don't want to modify the data, I just want to monitor, I want the user to enter the authentication, but how can I verify the authentication he entered in the code?
Yes, it works properly, but you see only the entrypted data. So only the connect request then the data which goes through the tunnel. Not able to see the decrpyted HTTP requests/responses. This is why you need the own certificate. It does not matter whether you want to modify the request or not.
Authentication: Check the proxyServer.ProxyBasicAuthenticateFunc property.
What do you mean by your own certificate? Is it to request an SSL certificate for a public website? Or, as in the project, set the root certificate, and then distribute a certificate to the customer for installation? If the customer doesn't install it, there's no way, right?
If the customer doesn't install the root certificate, you are not able to see the decrypted traffic... that is the purpose or SSL...
Can't I have the HTTP proxy server forward his HTTPS data intact? I don't need a certificate? I checked the related articles on the Internet. The HTTP proxy used by the crawler and the HTTPS protocol supported do not require the customer to install the certificate, which is to forward the data intact
You can forward the encrypted stream without installing a certificate... this is what I wrote you 21 hours ago. And it will work properly... (of course you won't see the decrypted traffic in TWP)
So:
1st. DecryptSsl: true Root certificate is needed and it should be trusted on the customer device HTTP: forward, access the not encrypted data (for example HTML source), modify HTTPS: forward, access the decrypted data (for example HTML source), modify
2nd: DecryptSsl: false No certificate needed in TWP or in the client device HTTP: forward, access the not encrypted data (for example HTML source), modify HTTPS: forward, access only the encrypted data (no HTML source), not possible to modify
Don't do business, brother. I understand. Because my English is poor, I can only use translation software. I may not understand something, but if I write code, I will understand what I say. For example, decryptssl: false, I get it. Thank you very much. If I knew what the Chinese meaning of decrypt was, I might have understood it for a long time, but it's a pity. Thank you.
By the way, I'll ask you again. Maybe I have a little more questions. Excuse me, can the SDK use a secondary agent? For example, the first time a user connects to IP 6.6.6.6, the actual IP I forward through the server is 1.1.1.1, and the second connection is automatically forwarded to 2.2.2.2, but the IP of each connection is 6.6.6.6
I mean, I use titanium.web.proxy to build an HTTP proxy. The user connects to my HTTP proxy. After receiving the request, my server will use the HTTP proxy to server B again through the transit method
Sorry, I dont understand.
TWP is running on machine 6.6.6.6, right?
Client has for exmaple 1.2.3.4.
Client loads a webpage on 1.1.1.1 through TWP proxy (6.6.6.6), right?
Them client loads a webpage on 2.2.2.2 through TWP proxy (6.6.6.6), right?
Yes, the client 1.2.3.4 connects to the server 6.6.6.6, the server connects to the 1.1.1.1 server, and then receives the data and sends it back to the client so that the user can see that the ip displayed by him is not connected by himself server.
Ok, and then the clients loads a webpage on 2.2.2.2.... what is the problem?
I mean to be an HTTP proxy that dynamically changes IP. , so the IP of the primary server connected by the user is the same, but the IP may change every time the user accesses.
there is no hostname for 1.1.1.1, right?
So the client connects to http://1.1.1.1/xx (through proxy 6.6.6.6)
In this case you can change the request uri in the beforerequest handler:
proxyServer.BeforeRequest += onRequest;
private async Task onRequest(object sender, SessionEventArgs e)
{
if (e.HttpClient.Request.Url.Contains("1.1.1.1"))
{
e.HttpClient.Request.Url = e.HttpClient.Request.Url.Replace("1.1.1.1", "2.2.2.2");
}
}
But this is only for HTTP... for HTTPS you need DecrpytSsl true
No, I don't mean to modify the URL. I mean to set the HTTP proxy on server 6.6.6.6 and connect to another server proxy 8.8.8.8
It is called UpStreamProxy:
proxyServer.UpStreamHttpProxy = new ExternalProxy() { HostName = "2.2.2.2", Port = 8888 };
proxyServer.UpStreamHttpsProxy = new ExternalProxy() { HostName = "2.2.2.2", Port = 8888 };
If you want to count the traffic of each request, you need to calculate each request+
Is the amount of response data?
It is called UpStreamProxy:
proxyServer.UpStreamHttpProxy = new ExternalProxy() { HostName = "2.2.2.2", Port = 8888 }; proxyServer.UpStreamHttpsProxy = new ExternalProxy() { HostName = "2.2.2.2", Port = 8888 };
This project is so powerful. I've written everything. I've learned it. Thank you.
There is a GetCustomUpStreamProxyFunc function in ProxyServer, so you can dynamically set the proxy for each request.
But I'd like to change this behavior (I'll keep this propety for compatibility in v3.x).. i plan to add a new propety somewhere and then it will be possible to set the proxy in the beforerequest event handler.
For counting the traffic there are 2 events in the SessionEventArgs base class: DataSent and DataReceived. You can sum the byte counts in them.
If GetCustomUpStreamProxyFunc is modified, if two different users concurrently, the proxy request of these two people should be modified, right? Looking forward to your updates.
Sorry, I don't understand your question.
You can return the upstream proxy you want to use from GetCustomUpStreamProxyFunc for each request.
CustomUpStreamProxyUsed contains the propxy which was used by TWP.. it is readonly.
Yes, but you can sue the GetCustomUpStreamProxyFunc proeprty. It receives the current session arguemnts and you can return different upstream proxy for different requests.
Yes, but you can sue the GetCustomUpStreamProxyFunc proeprty. It receives the current session arguemnts and you can return different upstream proxy for different requests.
It is not clear whether it is possible to modify this external proxy in onrequest, not to modify the global external proxy in onrequest. Is there any code I can refer to? Are you American? Generally, what chat tools do you use? I would like to find a group to learn from. I also saw a project https://github.com/ThrDev/Socks5 if it can be compatible with twp.
GetCustomUpStreamProxyFunc is a functio nwhich is caleld for each request. You can return different proxy for each request. You don't have to modify the global upstream proxy.
I' hungarian. I have Skype.
The whole code is like this, is it OK? No other special settings, right?
What is your Skype account? I want to add you as a friend
No, the GetCustomUpStreamProxyFunc should set to your own function, and that function should return the proxy server.
Please check the sample project, everyting can be found there: https://github.com/justcoding121/Titanium-Web-Proxy/blob/master/examples/Titanium.Web.Proxy.Examples.Basic/ProxyTestController.cs
Skype: honfika_2
Arg parameter in ongetcustomupstreamproxyfunc,
Arg.clientendpoint.address gets the IP address of the user,
Arg.httpclient.request.requesturi get the URL currently accessed by the user, right? Then according to my own needs, return to different external agents, am I right? In the ongetcustomupstreamproxyfunc method, is every onrequest event the ongetcustomupstreamproxyfunc will be activated? Every request, it should be entered into this function, right?
If you don't want to return the external agent in ongetcustomupstreamproxyfunc, you can return null?
In onbeforetunnelconnectrequest, can you know whether the other party has installed the certificate? e.IsHttpsConnect? e.IsTransparent? e.IsHttps?
Do you know why cer files are imported into Android 7.0 or above system certificates, and why they don't work?
openssl x509 -inform DER -in cacert.der -out cacert.pem openssl x509 -inform PEM -subject_hash_old -in cacert.pem Modify the file name to 3dcac768.0
Put it in / system / etc / security / cacerts/ The system certificate can detect the certificate, but the browser still can't access the HTTPS protocol, and the app can't grab the HTTPS
I have a suggestion that if the socket monitored by tcp_listen does not conform to the HTTP proxy protocol, request to return a tcplistener to me, which has made me the same port, compatible with HTTP and Socks5 protocol. Use with https://github.com/bbhxwl/socks5server project. I want to build a proxy server system
You mean return the TCPClient (or the Socket object) to the user in an event? for example
public event EvenrHandler<UnsuppoortedConnectionEventArgs> UnsupprtedConnection; in proxyServer class?
I can do that, but the first some bytes will be lost (what was already read by TWP to derermine whether it is a valid HTTP(S)/SOCKS request or not). Is that OK?
Another: I don't understand what should I do with your socks library. Socks 4/5 support was already added to TWP.
I just want to make a proxy server authentication management system. At present, http can be perfectly completed with your SDK. At present, .net core cannot perfectly implement socks5 proxy. If 2 protocols can be integrated in a port, it is perfect.
Yes, TWP now supports SOCKS4 and 5 (with username/password authentication in the latest beta package)
When was Socks5 support added? These days? When will the stable version be updated? There's only beta right now, right?
Yes, some days ago.
Stable version already supports SOCKS5. (without authenticateóion)
SOCKS5 username/passworw authentication was added in beta.
I'll release stable in this year.