szatox
Advocate
Joined: 27 Aug 2013
Posts: 3602
|
 Posted: Sat Jan 23, 2021 6:23 pm Post subject: What can I use to setup a "broken" http proxy? |
 |
|
I'm looking for a way to hijack traffic going through a http proxy and direct it to a specific upstream server.
So, the user configures his browser to use a http proxy, types the URL in the address bar, and the proxy forwards everything to the pre-defined server, ignoring Host: header from the request.
It seems to be trivial for HTTP traffic, there is nothing particular about those proxied requests so any reverse proxy should work just fine. However, I also want to support https there, and browsers use CONNECT method on the forward proxy before initiating https handshake with the destination server. Haproxy just passes this request to the backend instead of switching to TCP mode.
So I need something else: something that will look like a forward proxy from the client's perspective, and let me set upstream in the config file instead of resolving to DNS, just like a reverse proxy would behave.
Why?
I need an easy to use and reliable way to direct traffic incoming to a single URI to one server or another.
Browser-defined proxy is an easy enough and pretty reliable way to select a route. Now I just have to make sure those 2 don't converge, when the selected forward proxy asks the DNS what to do next.
Stuff like changing /etc/hosts and browser extensions for injecting http headers are not exactly what I call "user friendly". Like in: you can use them once or twice if you need to, but reconfiguring them daily would be a pain.
I do have a backup plan for that, but it's really messy, and I'd love to get a less hacky solution.
Oh, if someone knew a way to make haproxy do the trick, that would be awesome. Accept the CONNECT request and then forward the rest to the predefined server.
I doubt it's possible, but one can never be sure, so I'll leave it there. |
|
Networking & Security
