HTTP Man In The Middle (MITM) Proxy written in node.js. Supports capturing and modifying the request and response data.
Install
npm install --save http-mitm-proxy
Node.js Compatibility
The library should work starting Node.js 8.x, but testing is only expected for currently supported LTS versions of Node.js starting Node.js 12.x . use on your own risk with non LTS Node.js versions.
Typescript
type definitions are now included in this project, no extra steps required.
Example
This example will modify any search results coming from google and replace all the result titles with "Pwned!".
Using node-forge allows the automatic generation of SSL certificates within the proxy. After running your app you will find options.sslCaDir + '/certs/ca.pem' which can be imported to your browser, phone, etc.
Allows you to handle missing certificate files for current request, for example, creating them on the fly.
Arguments
ctx - Context with the following properties
hostname - The hostname which requires certificates
data.keyFileExists - Whether key file exists or not
data.certFileExists - Whether certificate file exists or not
files - missing files names (files.keyFile, files.certFile and optional files.hosts)
callback - The function to be called to pass certificate data back (keyFileData and certFileData)
Example 1
proxy.onCertificateMissing = function(ctx, files, callback) {
console.log('Looking for "%s" certificates', ctx.hostname);
console.log('"%s" missing', ctx.files.keyFile);
console.log('"%s" missing', ctx.files.certFile);
// Here you have the last chance to provide certificate files data
// A tipical use case would be creating them on the fly
//
// return callback(null, {
// keyFileData: keyFileData,
// certFileData: certFileData
// });
};
node-http-mitm-proxy provide some ready to use modules:
Proxy.gunzip Gunzip response filter (uncompress gzipped content before onResponseData and compress back after)
Proxy.wildcard Generates wilcard certificates by default (so less certificates are generated)
Context
ctx.addRequestFilter(stream)
Adds a stream into the request body stream.
Arguments
stream - The read/write stream to add in the request body stream.
Example
ctx.addRequestFilter(zlib.createGunzip());
ctx.addResponseFilter(stream)
Adds a stream into the response body stream.
Arguments
stream - The read/write stream to add in the response body stream.
Example
ctx.addResponseFilter(zlib.createGunzip());
License
Copyright (c) 2015 Joe Ferner
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
请发表评论