http-proxy icon indicating copy to clipboard operation
http-proxy copied to clipboard

Published 20 hours ago verified publisher icon erikd

Example to modify response from server

Open roman opened this issue 11 years ago • 13 comments

Hello,

This is more a question rather than an issue/feature. Is there anyway to modify the response from the server in the proxy? I want to add extra script tags to the body.

I'm reading the code, but I can't find any clear entry hooks to do this. Any guidance is highly appreciated.

Cheers.

roman avatar Jun 12 '13 17:06 roman

Currently http-proxy does not compile or work correctly with the current versions of the Conduit library.

Once that is fixed it should be possible to do this.

erikd avatar Jun 12 '13 21:06 erikd

Hey!

Any news on this one?

Thanks.

vincentbernat avatar Mar 03 '15 07:03 vincentbernat

Sorry, been busy, but actually working on it this weekend.

erikd avatar Mar 07 '15 11:03 erikd

Just curious, what is it you want to modify, the response headers? The body? Both?

erikd avatar Aug 08 '15 00:08 erikd

BTW, the version here in GIt actually works (see https://travis-ci.org/erikd/http-proxy ) if you want to play with it.

erikd avatar Aug 08 '15 00:08 erikd

Hi, thanks a lot for this library.

I can't find the code that lets modify the response.

Has the feature been implemented ?

aculnaig

aculnaig avatar Mar 14 '19 20:03 aculnaig

Currently it is not possible to modify the response. It would be relatively easy to do this for HTTP, but not at all easy for HTTPS because for HTTPS connections the proxy simply acts as a transparent two way transport of encrypted bytes between the client and the server. The proxy could theoretically decode this encrypted stream, but not be able to modify them and then re-encrypt them (because the proxy does not have access to the private encryption key the server uses to perform encryption).

In order to decode and/or modify either the request or the response, would require the implementation of what is called a MITM (man-in-the-middle) feature. In this mode, the proxy generates its own SSL certificate and uses this SSL certificate to the client (which must manually accept it). The proxy then gets the request from the client, passes it upstream, retrieves the response and decodes it (where it could be modified), then re-encrypts it using its own SSL key. I am interested in doing this, i just have no idea when I may get it completed.

erikd avatar Apr 06 '19 06:04 erikd

I have some time this week that I would like to spend on a MITM feature. Libraries that I've used in other languages handle this by either 1) generating a CA cert or 2) accepting one as configuration, and minting + caching a short-lived certificate for each host name they proxy a request to. @erikd do you have an idea of how you'd like to see this implemented?

juturnas avatar Apr 15 '19 01:04 juturnas

I have a working proof of concept for this now, but it is very rough (I had to hack my way around my lack of conduit knowledge). I may clean it up soon and can open a PR if there is interest, otherwise feel free to ping me for code.

juturnas avatar Apr 18 '19 22:04 juturnas

I too have started thinking about this, but I am currently traveling for work. Let me get back to you on this.

I would also be happy to look at any code you have.

erikd avatar Apr 19 '19 14:04 erikd

I have been messing with this a bit and I think the best way to do it is to add a separate module for the MITM functionality. Obviously, whatever can be shared should be.

erikd avatar Apr 20 '19 14:04 erikd

@juturnas I would be really interested in seeing what you have. There are a number of ways of doing this and two that I have tried so far are problematic in one way or another.

erikd avatar Apr 21 '19 20:04 erikd

Any updates on this? Unless I'm misunderstanding, you can't easily implement a caching system currently, not interested in MITM SSL connection.

YellowOnion avatar Jul 19 '20 08:07 YellowOnion