@dev-swarup/http-mitm-proxy 0.9.6

package/eslint.config.mjs

@@ -0,0 +1,10 @@
+import pluginJs from "@eslint/js";
+import globals from "globals";
+
+export default [
+  {
+    files: ["**/*.{js,mjs,cjs,ts}"],
+  },
+  { languageOptions: { globals: globals.browser } },
+  pluginJs.configs.recommended,
+];

package/examples/forwardHttps.js

@@ -0,0 +1,62 @@
+'use strict';
+
+var port = 8081;
+var net = require('net');
+var assert = require('assert');
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onConnect(function(req, socket, head) {
+  var host = req.url.split(":")[0];
+  var port = req.url.split(":")[1];
+
+  console.log('Tunnel to', req.url);
+  var conn = net.connect({
+    port: port,
+    host: host,
+    allowHalfOpen: true
+  }, function(){
+    conn.on('finish', () => {
+      socket.destroy();
+    });
+    socket.on('close', () => {
+      conn.end();
+    });
+    socket.write('HTTP/1.1 200 OK\r\n\r\n', 'UTF-8', function(){
+      conn.pipe(socket);
+      socket.pipe(conn);
+    })
+  });
+
+  conn.on('error', function(err) {
+    filterSocketConnReset(err, 'PROXY_TO_SERVER_SOCKET');
+  });
+  socket.on('error', function(err) {
+    filterSocketConnReset(err, 'CLIENT_TO_PROXY_SOCKET');
+  });
+});
+
+// Since node 0.9.9, ECONNRESET on sockets are no longer hidden
+function filterSocketConnReset(err, socketDescription) {
+  if (err.errno === 'ECONNRESET') {
+    console.log('Got ECONNRESET on ' + socketDescription + ', ignoring.');
+  } else {
+    console.log('Got unexpected error on ' + socketDescription, err);
+  }
+}
+
+proxy.listen({ port }, function() {
+  console.log('Proxy server listening on ' + port);
+
+  var cmd = `curl -x http://localhost:${port} https://github.com/ | grep html`;
+  console.log('> ' + cmd);
+  require('child_process').exec(cmd, function (error, stdout, stderr) {
+    if (error) {
+      console.error(`exec error: ${error}`);
+      return;
+    }
+    console.log(`${stdout}`);
+    assert(/DOCTYPE/.test(stdout));
+    proxy.close();
+  });
+});

package/examples/modifyGoogle.js

@@ -0,0 +1,44 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.onRequest(function(ctx, callback) {
+  //console.log('REQUEST: http://' + ctx.clientToProxyRequest.headers.host + ctx.clientToProxyRequest.url);
+  if (ctx.clientToProxyRequest.headers.host == 'www.google.com'
+    && ctx.clientToProxyRequest.url.indexOf('/search') == 0) {
+    ctx.use(Proxy.gunzip);
+
+    ctx.onResponseData(function(ctx, chunk, callback) {
+      chunk = new Buffer(chunk.toString().replace(/<h3.*?<\/h3>/g, '<h3>Pwned!</h3>'));
+      return callback(null, chunk);
+    });
+  }
+  return callback();
+});
+
+proxy.onRequestData(function(ctx, chunk, callback) {
+  //console.log('request data length: ' + chunk.length);
+  return callback(null, chunk);
+});
+
+proxy.onResponse(function(ctx, callback) {
+  //console.log('RESPONSE: http://' + ctx.clientToProxyRequest.headers.host + ctx.clientToProxyRequest.url);
+  return callback(null);
+});
+
+proxy.onResponseData(function(ctx, chunk, callback) {
+  //console.log('response data length: ' + chunk.length);
+  return callback(null, chunk);
+});
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/examples/onCertificateMissing.js

@@ -0,0 +1,30 @@
+'use strict';
+
+var port = 8081;
+var path = require('path');
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.onCertificateMissing = function(ctx, files, callback) {
+  console.log('Looking for "%s" certificates', ctx.hostname);
+  console.log('"%s" missing', ctx.files.keyFile);
+  console.log('"%s" missing', ctx.files.certFile);
+
+  // Here you have the last chance to provide certificate files data
+  // A tipical use case would be creating them on the fly
+  //
+  // return callback(null, {
+  //   key: keyFileData,
+  //   cert: certFileData
+  // });
+};
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/examples/onCertificateRequired.js

@@ -0,0 +1,23 @@
+'use strict';
+
+var port = 8081;
+var path = require('path');
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.onCertificateRequired = function(hostname, callback) {
+  return callback(null, {
+    keyFile: path.resolve('/ca/certs/', hostname + '.key'),
+    certFile: path.resolve('/ca/certs/', hostname + '.crt')
+  });
+};
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/examples/preventRequest.js

@@ -0,0 +1,20 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.onRequest(function(ctx, callback) {
+  ctx.proxyToClientResponse.end('Hacked, you cannot proceed to the website');
+  // no callback() so proxy request is not sent to the server
+});
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/examples/processFullResponseBody.js

@@ -0,0 +1,36 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.use(Proxy.gunzip);
+
+proxy.onRequest(function(ctx, callback) {
+  var chunks = [];
+  ctx.onResponseData(function(ctx, chunk, callback) {
+    chunks.push(chunk);
+    return callback(null, null); // don't write chunks to client response
+  });
+  ctx.onResponseEnd(function(ctx, callback) {
+    var body = Buffer.concat(chunks);
+    if(ctx.serverToProxyResponse.headers['content-type'] && ctx.serverToProxyResponse.headers['content-type'].indexOf('text/html') === 0) {
+      body = body.toString().replace(/Lucky/g, 'Sexy');
+    }
+    ctx.proxyToClientResponse.write(body);
+    return callback();
+  });
+  callback();
+});
+
+
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/examples/removeProxyToServerContentLength.js

@@ -0,0 +1,17 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onRequest(function(ctx, callback) {
+    if('content-length' in ctx.proxyToServerRequestOptions.headers) {
+        console.log(`found "content-length" header in request to "${ctx.proxyToServerRequestOptions.host}${ctx.proxyToServerRequestOptions.path}". Removing.`);
+        delete ctx.proxyToServerRequestOptions.headers['content-length'];
+    }
+    callback();
+});
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/examples/websocket.js

@@ -0,0 +1,31 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+proxy.onWebSocketConnection(function(ctx, callback) {
+  console.log('WEBSOCKET CONNECT:', ctx.clientToProxyWebSocket.upgradeReq.url);
+  return callback();
+});
+proxy.onWebSocketFrame(function(ctx, type, fromServer, message, flags, callback) {
+  console.log('WEBSOCKET FRAME ' + type + ' received from ' + (fromServer ? 'server' : 'client'), ctx.clientToProxyWebSocket.upgradeReq.url, message);
+  if (message) var hackedMessage = message.replace(/Rock it/ig, 'Hack it');
+  return callback(null, message, flags);
+});
+proxy.onWebSocketError(function(ctx, err) {
+  console.log('WEBSOCKET ERROR ', ctx.clientToProxyWebSocket.upgradeReq.url, err);
+});
+proxy.onWebSocketClose(function(ctx, code, message, callback) {
+  console.log('WEBSOCKET CLOSED BY '+(ctx.closedByServer ? 'SERVER' : 'CLIENT'), ctx.clientToProxyWebSocket.upgradeReq.url, code, message);
+  callback(null, code, message);
+});
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/examples/wildcard.js

@@ -0,0 +1,17 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.use(Proxy.wildcard);
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/index.d.ts

@@ -0,0 +1,314 @@
+//definitions by jason swearingen.  jasons aat novaleaf doot coom.  for node-htt-mitm-proxy v0.5.2.
+
+import http = require("http");
+import https = require("https");
+import net = require("net");
+
+declare namespace HttpMitmProxy {
+  export interface IProxyStatic {
+    (): IProxy;
+    /** mod to pass to the use() function: Gunzip response filter (uncompress gzipped content before onResponseData and compress back after)*/
+    gunzip: any;
+    /** mod to pass to the use() function: Generates wilcard certificates by default (so less certificates are generated)*/
+    wildcard: any;
+  }
+
+  export interface IProxyOptions {
+    /**port - The port or named socket to listen on (default: 8080).*/
+    port?: number;
+    /**host - The hostname or local address to listen on.*/
+    host?: string;
+    /** - Path to the certificates cache directory (default: process.cwd() + '/.http-mitm-proxy')*/
+    sslCaDir?: string;
+    /**  - enable HTTP persistent connection*/
+    keepAlive?: boolean;
+    /**  - The number of milliseconds of inactivity before a socket is presumed to have timed out. Defaults to no timeout. */
+    timeout?: number;
+    /**  - The http.Agent to use when making http requests. Useful for chaining proxys. (default: internal Agent) */
+    httpAgent?: http.Agent;
+    /** - The https.Agent to use when making https requests. Useful for chaining proxys. (default: internal Agent) */
+    httpsAgent?: https.Agent;
+    /** - force use of SNI by the client. Allow node-http-mitm-proxy to handle all HTTPS requests with a single internal server. */
+    forceSNI?: boolean;
+    /** - The port or named socket for https server to listen on. (forceSNI must be enabled) */
+    httpsPort?: number;
+    /** - Setting this option will remove the content-length from the proxy to server request, forcing chunked encoding */
+    forceChunkedRequest?: boolean;
+  }
+
+  export type IProxy = ICallbacks & {
+    /** Starts the proxy listening on the given port..  example: proxy.listen({ port: 80 }); */
+    listen(
+      /** An object with the following options: */ options?: IProxyOptions,
+      callback?: Function
+    ): void;
+    /** proxy.close
+         Stops the proxy listening.
+
+         Example
+
+         proxy.close(); */
+    close(): void;
+
+    address(): net.AddressInfo;
+
+    onCertificateRequired(
+      hostname: string,
+      callback: (
+        error: Error | undefined,
+        certDetails: { keyFile: string; certFile: string; hosts: string[] }
+      ) => void
+    ): void;
+    onCertificateMissing(
+      ctx: IContext,
+      files: any,
+      callback: (
+        error: Error | undefined,
+        certDetails: {
+          keyFileData: string;
+          certFileData: string;
+          hosts: string[];
+        }
+      ) => void
+    ): void;
+
+    //undocumented helpers
+    onConnect(
+      fcn: (
+        req: http.IncomingMessage,
+        socket: net.Socket,
+        head: any,
+        callback: (error?: Error) => void
+      ) => void
+    ): void;
+    onRequestHeaders(
+      fcn: (ctx: IContext, callback: (error?: Error) => void) => void
+    ): void;
+    onResponseHeaders(
+      fcn: (ctx: IContext, callback: (error?: Error) => void) => void
+    ): void;
+    onWebSocketConnection(
+      fcn: (ctx: IContext, callback: (error?: Error) => void) => void
+    ): void;
+    onWebSocketSend(
+      fcn: (
+        ctx: IContext,
+        message: any,
+        flags: any,
+        callback: (err: Error | undefined, message: any, flags: any) => void
+      ) => void
+    ): void;
+    onWebSocketMessage(
+      fcn: (
+        ctx: IContext,
+        message: any,
+        flags: any,
+        callback: (err: Error | undefined, message: any, flags: any) => void
+      ) => void
+    ): void;
+    onWebSocketFrame(
+      fcn: (
+        ctx: IContext,
+        type: any,
+        fromServer: boolean,
+        message: any,
+        flags: any,
+        callback: (err: Error | undefined, message: any, flags: any) => void
+      ) => void
+    ): void;
+    onWebSocketError(
+      fcn: (ctx: IContext, err: Error | undefined) => void
+    ): void;
+    onWebSocketClose(
+      fcn: (
+        ctx: IContext,
+        code: any,
+        message: any,
+        callback: (err: Error | undefined, code: any, message: any) => void
+      ) => void
+    ): void;
+
+    // onConnectHandlers:((req,socket,head,callback)=>void)[];
+    // onRequestHandlers:((ctx,callback)=>void)[];
+
+    options: IProxyOptions;
+    httpPort: number;
+    timeout: number;
+    keepAlive: boolean;
+    httpAgent: http.Agent;
+    httpsAgent: https.Agent;
+    forceSNI: boolean;
+    httpsPort?: number;
+    sslCaDir: string;
+  };
+
+  /** signatures for various callback functions */
+  export interface ICallbacks {
+    onError(
+      /**Adds a function to the list of functions to get called if an error occures.
+
+ Arguments
+
+ fn(ctx, err, errorKind) - The function to be called on an error.*/ callback: (
+        context: IContext,
+        err?: Error,
+        errorKind?: string
+      ) => void
+    ): void;
+
+    /** Adds a function to get called at the beginning of a request.
+
+         Arguments
+
+         fn(ctx, callback) - The function that gets called on each request.
+         Example
+
+         proxy.onRequest(function(ctx, callback) {
+           console.log('REQUEST:', ctx.clientToProxyRequest.url);
+           return callback();
+         }); */
+    onRequest(
+      fcn: (ctx: IContext, callback: (error?: Error) => void) => void
+    ): void;
+
+    onRequestData(
+      fcn: (
+        ctx: IContext,
+        chunk: Buffer,
+        callback: (error?: Error, chunk?: Buffer) => void
+      ) => void
+    ): void;
+
+    onRequestEnd(
+      fcn: (ctx: IContext, callback: (error?: Error) => void) => void
+    ): void;
+    /** Adds a function to get called at the beginning of the response.
+
+         Arguments
+
+         fn(ctx, callback) - The function that gets called on each response.
+         Example
+
+         proxy.onResponse(function(ctx, callback) {
+           console.log('BEGIN RESPONSE');
+           return callback();
+         }); */
+    onResponse(
+      fcn: (ctx: IContext, callback: (error?: Error) => void) => void
+    ): void;
+
+    onResponseData(
+      fcn: (
+        ctx: IContext,
+        chunk: Buffer,
+        callback: (error?: Error, chunk?: Buffer) => void
+      ) => void
+    ): void;
+
+    onResponseEnd(
+      fcn: (ctx: IContext, callback: (error?: Error) => void) => void
+    ): void;
+
+    /** Adds a module into the proxy. Modules encapsulate multiple life cycle processing functions into one object.
+
+             Arguments
+
+             module - The module to add. Modules contain a hash of functions to add.
+             Example
+
+             proxy.use({
+             onError: function(ctx, err) { },
+             onCertificateRequired: function(hostname, callback) { return callback(); },
+             onCertificateMissing: function(ctx, files, callback) { return callback(); },
+             onRequest: function(ctx, callback) { return callback(); },
+             onRequestData: function(ctx, chunk, callback) { return callback(null, chunk); },
+             onResponse: function(ctx, callback) { return callback(); },
+             onResponseData: function(ctx, chunk, callback) { return callback(null, chunk); },
+             onWebSocketConnection: function(ctx, callback) { return callback(); },
+             onWebSocketSend: function(ctx, message, flags, callback) { return callback(null, message, flags); },
+             onWebSocketMessage: function(ctx, message, flags, callback) { return callback(null, message, flags); },
+             onWebSocketError: function(ctx, err) {  },
+             onWebSocketClose: function(ctx, code, message, callback) {  },
+             });
+             node-http-mitm-proxy provide some ready to use modules:
+
+             Proxy.gunzip Gunzip response filter (uncompress gzipped content before onResponseData and compress back after)
+             Proxy.wildcard Generates wilcard certificates by default (so less certificates are generated) */
+    use(mod: any): void;
+  }
+
+  export type IContext = ICallbacks & {
+    isSSL: boolean;
+
+    /** may be set to true/false when dealing with websockets. */
+    closedByServer?: boolean;
+
+    clientToProxyRequest: http.IncomingMessage;
+    proxyToClientResponse: http.ServerResponse;
+    proxyToServerRequest: http.ClientRequest;
+    serverToProxyResponse: http.IncomingMessage;
+
+    /** instance of WebSocket object from https://github.com/websockets/ws */
+    clientToProxyWebSocket: any;
+    /** instance of WebSocket object from https://github.com/websockets/ws */
+    proxyToServerWebSocket: any;
+
+    /** user defined tags, initially constructed in the proxy-internals.tx proxy.onRequest() callback, you can add what you like here. */
+    tags: {
+      id: number;
+      uri: string;
+      /** ln 743 of proxy.js, hack to retry */
+      failedUpstreamCalls: number;
+      /** ln 743 of proxy.js, hack to retry */
+      retryProxyRequest: boolean;
+      [key: string]: any;
+    };
+
+    /**Adds a stream into the request body stream.
+
+ Arguments
+
+ stream - The read/write stream to add in the request body stream.
+ Example
+
+ ctx.addRequestFilter(zlib.createGunzip()); */
+    addRequestFilter(stream: any): void;
+    /** Adds a stream into the response body stream.
+
+ Arguments
+
+ stream - The read/write stream to add in the response body stream.
+ Example
+
+ ctx.addResponseFilter(zlib.createGunzip()); */
+    addResponseFilter(stream: any): void;
+
+    /** filters added by .addRequestFilter() */
+    requestFilters: any[];
+
+    /** filters added by .addResponseFilter() */
+    responseFilters: any[];
+
+    /** undocumented, allows adjusting the request in callbacks (such as .onRequest()) before sending  upstream (to proxy or target host)..
+     * FYI these values seem pre-populated with defaults based on the request, you can modify them to change behavior. */
+    proxyToServerRequestOptions: {
+      /** ex: "GET" */
+      method: string;
+      /** ex: "/success.txt" */
+      path: string;
+
+      /** example: "detectportal.firefox.com" */
+      host: string;
+      port: null;
+      headers: { [key: string]: string };
+      agent: http.Agent;
+    };
+
+    onResponseDataHandlers: Function[];
+    onResponseEndHandlers: Function[];
+  };
+}
+
+declare const HttpMitmProxy: HttpMitmProxy.IProxyStatic;
+export = HttpMitmProxy;
+export as namespace HttpMitmProxy;

package/index.js

@@ -0,0 +1,3 @@
+'use strict';
+
+module.exports = require('./lib/proxy');