9seconds / httransform Goto Github PK

A framework to build precise and fast HTTP proxies.

License: MIT License

Go 99.35% Makefile 0.65%

proxy http-proxies mitm mitmproxy

httransform's Introduction

httransform

httransform is the library/framework to build your own HTTP proxies. It relies on high-performant and memory-efficient fasthttp library as HTTP base layer and can give you the ability to build a proxy where you can control every aspect.

Main features of this framework:

Support of HTTP (plain HTTP) proxy protocol.
Support of HTTPS (with CONNECT method) protocol. This library does MITM and provides the possibility to generate TLS certificates for the hosts on-the-fly.
Keeps and maintains the order of headers and their case (no normalization).
Supports the concept of layers or middlewares which process HTTP requests and responses.
Supports custom executors: a function which converts HTTP requests to HTTP responses. Allowing your proxy to fetch the data from other services, which are not necessarily HTTP. The executor simply converts HTTP request structure to HTTP response.
Can support connection upgrades (this includes websockets) with an ability to look into them.

Please check the full documentation for more details.

Example

Just a small example to give you the feeling of how it all looks like:

package main

import (
	"context"
	"net"
	"os"
	"os/signal"
	"syscall"
	"time"

	"github.com/9seconds/httransform/v2"
	"github.com/9seconds/httransform/v2/auth"
	"github.com/9seconds/httransform/v2/layers"
)

// These are generates examples of self-signed certificates
// to simplify the example.
var caCert = []byte(`-----BEGIN CERTIFICATE-----
MIICWzCCAcSgAwIBAgIJAJ34yk7oiKv5MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMTgxMjAyMTQyNTAyWhcNMjgxMTI5MTQyNTAyWjBF
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDL7Hzfmx7xfFWTRm26t/lLsCZwOri6VIzp2dYM5Hp0dV4XUZ+q60nEbHwN3Usr
GKAK/Rsr9Caam3A18Upn2ly69Tyr29kVK+PlsOgSSCUnAYcqT166/j205n3CGNLL
OPtQKfAT/iH3dPBObd8N4FR9FlXiYIiAp1opCbyu2mlHiwIDAQABo1MwUTAdBgNV
HQ4EFgQUOJ+uGtIhHxXHPNESBNI4YbwAl+wwHwYDVR0jBBgwFoAUOJ+uGtIhHxXH
PNESBNI4YbwAl+wwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQCW
s7P0wJ8ON8ieEJe4pAfACpL6IyhZ5YK/C/hip+czxdvZHc5zngVwHP2vsIcHKBTr
8qXoHgh2gaXqwn8kRVNnZzWrxgSe8IR3oJ2yTbLAxqDS42SPfRLAUpy9sK/tEEGM
rMk/LWMzH/S6bLcsAm0GfVIrUNfg0eF0ZVIjxINBVA==
-----END CERTIFICATE-----`)

var caPrivateKey = []byte(`-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMvsfN+bHvF8VZNG
bbq3+UuwJnA6uLpUjOnZ1gzkenR1XhdRn6rrScRsfA3dSysYoAr9Gyv0JpqbcDXx
SmfaXLr1PKvb2RUr4+Ww6BJIJScBhypPXrr+PbTmfcIY0ss4+1Ap8BP+Ifd08E5t
3w3gVH0WVeJgiICnWikJvK7aaUeLAgMBAAECgYAk+/kR3OJZzcD/evB/wsoV7haq
mBvUv2znJLjrkayb3oV4GTeqGg5A76P4J8BwSoEMPSdma1ttAu/w+JgUCchzVPwU
34Sr80mYawOmGVGJsDnrrYA2w51Nj42e71pmRc9IqNLwFEhW5Uy7eASf3THJMWDl
F2M6xAVYr+X0eKLf4QJBAO8lVIIMnzIReSZukWBPp6GKmXOuEkWeBOfnYC2HOVZq
1M/E6naOP2MBk9CWG4o9ysjcZ1hosi3/txxrc8VmBAkCQQDaS651dpQ3TRE//raZ
s79ZBEdMCMlgXB6CPrZpvLz/3ZPcLih4MJ59oVkeFHCNct7ccQcQu4XHMGNBIRBh
kpvzAkEAlS/AjHC7T0y/O052upJ2jLweBqBtHaj6foFE6qIVDugOYp8BdXw/5s+x
GsrJ22+49Z0pi2mk3jVMUhpmWprNoQJBANdAT0v2XFpXfQ38bTQMYT82j9Myytdg
npjRm++Rs1AdvoIbZb52OqIoqoaVoxJnVchLD6t5LYXnecesAcok1e8CQEKB7ycJ
6yVwnBE3Ua9CHcGmrre6HmEWdPy1Zyb5DQC6duX46zEBzti9oWx0DJIQRZifeCvw
4J45NsSQjuuAAWs=
-----END PRIVATE KEY-----`)

func main() {
	// Root context is crucial here. When root context is closed, a
	// proxy is shutdown.
	ctx, cancel := context.WithCancel(context.Background())
	defer cancel()

	// For demo purpose we are going to close by SIGINT and SIGTERM
	// signals.
	signals := make(chan os.Signal, 1)

	signal.Notify(signals, syscall.SIGINT, syscall.SIGTERM)

	go func() {
		for range signals {
			cancel()
		}
	}()

	// Filter layer is required if you want to drop request
	// which are made to you internal networks.
	filterLayer, err := layers.NewFilterSubnetsLayer([]net.IPNet{
		{IP: net.ParseIP("127.0.0.0"), Mask: net.CIDRMask(8, 32)},
		{IP: net.ParseIP("172.16.0.0"), Mask: net.CIDRMask(12, 32)},
		{IP: net.ParseIP("10.0.0.0"), Mask: net.CIDRMask(8, 32)},
		{IP: net.ParseIP("192.168.0.0"), Mask: net.CIDRMask(16, 32)},
	})
	if err != nil {
		panic(err)
	}

	opts := httransform.ServerOpts{
		TLSCertCA:     caCert,
		TLSPrivateKey: caPrivateKey,
		// We are going to use basic proxy authorization with username
		// 'user' and password 'password'.
		Authenticator: auth.NewBasicAuth(map[string]string{
			"user": "password",
		}),
		Layers: []layers.Layer{
			filterLayer,
			// This guy will remove Proxy headers from the request.
			layers.ProxyHeadersLayer{},
			// This guy is going to limit request processing time to 3
			// minutes.
			layers.TimeoutLayer{
				Timeout: 3 * time.Minute,
			},
		},
	}

	proxy, err := httransform.NewServer(ctx, opts)
	if err != nil {
		panic(err)
	}

	// We bind our proxy to the port 3128 and all interfaces.
	listener, err := net.Listen("tcp", ":3128")
	if err != nil {
		panic(err)
	}

	if err := proxy.Serve(listener); err != nil {
		panic(err)
	}
}

This will create an HTTP proxy on 127.0.0.1:3128. It will also require authentication (user and password) and will remove the Proxy-Authorization header before sending the request further.

v1 version

Version 1 is not supported anymore. Please use version 2. Version 2 has a lot of breaking changes but which really help to maintain a package.

Unfortunately, I cannot enumerate all of them and I understand that it is going to make your life painful in some moments. Sorry for that. v2 was a complete rewrite and I assume that given a size of this library, it won't take a lot of time for you to migrate. But if you have any questions, feel free to open an issue. I'm happy to help.

httransform's People

Contributors

Stargazers

Watchers

Forkers

imduffy15 ldaneliukas csu-anzai csu-xiao-an azlotnikov zergey elipskiy geronsv

httransform's Issues

Only one Set-Cookie header in response

in headerset.go func (hs *HeaderSet) SetBytes(key []byte, value []byte)

        if position, ok := hs.index[lowerKey]; ok {
		hs.values[position].Value = value
	} else {
		newHeader := getHeader()
		newHeader.ID = lowerKey
		newHeader.Key = append(newHeader.Key, key...)
		newHeader.Value = append(newHeader.Value, value...)
		hs.values = append(hs.values, newHeader)
		hs.index[lowerKey] = len(hs.values) - 1
	}

When lowerKey=set-cookie only the last one cookie will remain.

Can be easily checked with curl

curl -I -X GET -x http://127.0.0.1:64890 https://mail.ru -k

1 cookie in response

curl -I -X GET https://mail.ru -k

2 cookies in response

Proxy example doesn't work with https://golang.org

Hi,

MacOS 11 intel-mac, golang 1.15.12, example from here - https://github.com/9seconds/httransform#example ,

MacBook-Pro:golang1.15.12 mixadior$ curl -Gvk --proxy http://user:[email protected]:3128 https://golang.org/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 3128 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to golang.org:443
* Proxy auth using Basic with user 'user'
> CONNECT golang.org:443 HTTP/1.1
> Host: golang.org:443
> Proxy-Authorization: Basic dXNlcjpwYXNzd29yZA==
> User-Agent: curl/7.64.1
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 OK
< Content-Length: 0
* Ignoring Content-Length in CONNECT 200 response
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* CONNECT phase completed!
* CONNECT phase completed!
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=golang.org
*  start date: May 31 14:15:10 2021 GMT
*  expire date: Sep  1 14:15:10 2021 GMT
*  issuer: C=AU; ST=Some-State; O=Internet Widgits Pty Ltd
*  SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
> GET / HTTP/1.1
> Host: golang.org
> User-Agent: curl/7.64.1
> Accept: */*
>
* TLSv1.2 (IN), TLS alert, close notify (256):
* Connection #0 to host 127.0.0.1 left intact
* Closing connection 0
MacBook-Pro:golang1.15.12 mixadior$

At the same time https://httpbin.org/ip works:

MacBook-Pro:golang1.15.12 mixadior$ curl -Gvk --proxy http://user:[email protected]:3128 https://httpbin.org/ip
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 3128 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to httpbin.org:443
* Proxy auth using Basic with user 'user'
> CONNECT httpbin.org:443 HTTP/1.1
> Host: httpbin.org:443
> Proxy-Authorization: Basic dXNlcjpwYXNzd29yZA==
> User-Agent: curl/7.64.1
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 OK
< Content-Length: 0
* Ignoring Content-Length in CONNECT 200 response
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* CONNECT phase completed!
* CONNECT phase completed!
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=httpbin.org
*  start date: May 31 14:16:02 2021 GMT
*  expire date: Sep  1 14:16:02 2021 GMT
*  issuer: C=AU; ST=Some-State; O=Internet Widgits Pty Ltd
*  SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
> GET /ip HTTP/1.1
> Host: httpbin.org
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: gunicorn/19.9.0
< Date: Tue, 01 Jun 2021 14:20:09 GMT
< Content-Type: application/json
< Content-Length: 33
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Credentials: true
< Connection: close
<
{
  "origin": "178.150.141.27"
}
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
MacBook-Pro:golang1.15.12 mixadior$

Seems Content-Length > 0 works, but streaming - doesn't:

MacBook-Pro:golang1.15.12 mixadior$ curl -Gvk --proxy http://user:[email protected]:3128 https://httpbin.org/stream/25
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 3128 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to httpbin.org:443
* Proxy auth using Basic with user 'user'
> CONNECT httpbin.org:443 HTTP/1.1
> Host: httpbin.org:443
> Proxy-Authorization: Basic dXNlcjpwYXNzd29yZA==
> User-Agent: curl/7.64.1
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 OK
< Content-Length: 0
* Ignoring Content-Length in CONNECT 200 response
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* CONNECT phase completed!
* CONNECT phase completed!
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=httpbin.org
*  start date: May 31 14:16:02 2021 GMT
*  expire date: Sep  1 14:16:02 2021 GMT
*  issuer: C=AU; ST=Some-State; O=Internet Widgits Pty Ltd
*  SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
> GET /stream/25 HTTP/1.1
> Host: httpbin.org
> User-Agent: curl/7.64.1
> Accept: */*
>
* TLSv1.2 (IN), TLS alert, close notify (256):
* Connection #0 to host 127.0.0.1 left intact
* Closing connection 0
MacBook-Pro:golang1.15.12 mixadior$

It's a bug or i this is limitation of default executor and i should implement own executor with support of streaming?

Too small buffer size for response headers

Some sites (instagram for example) send large headers.
So the buffer size const bufioReaderSize = 1024 * 4 is not enough

Maybe we can have this option moved into config?

For instagram it was enough to set const bufioReaderSize = 1024 * 5

Cloudflare somehow detects and blocks httransform

Hi,

Small intro: i use proxy server build on top of httransform lib in combination with google chrome (passing cli flag --proxy-server=127.0.0.1:3128).

proxy code:

package main

import (
    "context"
    "net"
    "os"
    "os/signal"
    "syscall"
    "time"

    "github.com/9seconds/httransform/v2"
    "github.com/9seconds/httransform/v2/layers"
)

// These are generates examples of self-signed certificates
// to simplify the example.
var caCert = []byte(`-----BEGIN CERTIFICATE-----
MIICWzCCAcSgAwIBAgIJAJ34yk7oiKv5MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMTgxMjAyMTQyNTAyWhcNMjgxMTI5MTQyNTAyWjBF
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDL7Hzfmx7xfFWTRm26t/lLsCZwOri6VIzp2dYM5Hp0dV4XUZ+q60nEbHwN3Usr
GKAK/Rsr9Caam3A18Upn2ly69Tyr29kVK+PlsOgSSCUnAYcqT166/j205n3CGNLL
OPtQKfAT/iH3dPBObd8N4FR9FlXiYIiAp1opCbyu2mlHiwIDAQABo1MwUTAdBgNV
HQ4EFgQUOJ+uGtIhHxXHPNESBNI4YbwAl+wwHwYDVR0jBBgwFoAUOJ+uGtIhHxXH
PNESBNI4YbwAl+wwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQCW
s7P0wJ8ON8ieEJe4pAfACpL6IyhZ5YK/C/hip+czxdvZHc5zngVwHP2vsIcHKBTr
8qXoHgh2gaXqwn8kRVNnZzWrxgSe8IR3oJ2yTbLAxqDS42SPfRLAUpy9sK/tEEGM
rMk/LWMzH/S6bLcsAm0GfVIrUNfg0eF0ZVIjxINBVA==
-----END CERTIFICATE-----`)

var caPrivateKey = []byte(`-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMvsfN+bHvF8VZNG
bbq3+UuwJnA6uLpUjOnZ1gzkenR1XhdRn6rrScRsfA3dSysYoAr9Gyv0JpqbcDXx
SmfaXLr1PKvb2RUr4+Ww6BJIJScBhypPXrr+PbTmfcIY0ss4+1Ap8BP+Ifd08E5t
3w3gVH0WVeJgiICnWikJvK7aaUeLAgMBAAECgYAk+/kR3OJZzcD/evB/wsoV7haq
mBvUv2znJLjrkayb3oV4GTeqGg5A76P4J8BwSoEMPSdma1ttAu/w+JgUCchzVPwU
34Sr80mYawOmGVGJsDnrrYA2w51Nj42e71pmRc9IqNLwFEhW5Uy7eASf3THJMWDl
F2M6xAVYr+X0eKLf4QJBAO8lVIIMnzIReSZukWBPp6GKmXOuEkWeBOfnYC2HOVZq
1M/E6naOP2MBk9CWG4o9ysjcZ1hosi3/txxrc8VmBAkCQQDaS651dpQ3TRE//raZ
s79ZBEdMCMlgXB6CPrZpvLz/3ZPcLih4MJ59oVkeFHCNct7ccQcQu4XHMGNBIRBh
kpvzAkEAlS/AjHC7T0y/O052upJ2jLweBqBtHaj6foFE6qIVDugOYp8BdXw/5s+x
GsrJ22+49Z0pi2mk3jVMUhpmWprNoQJBANdAT0v2XFpXfQ38bTQMYT82j9Myytdg
npjRm++Rs1AdvoIbZb52OqIoqoaVoxJnVchLD6t5LYXnecesAcok1e8CQEKB7ycJ
6yVwnBE3Ua9CHcGmrre6HmEWdPy1Zyb5DQC6duX46zEBzti9oWx0DJIQRZifeCvw
4J45NsSQjuuAAWs=
-----END PRIVATE KEY-----`)

func main() {
    // Root context is crucial here. When root context is closed, a
    // proxy is shutdown.
    ctx, cancel := context.WithCancel(context.Background())
    defer cancel()

    // For demo purpose we are going to close by SIGINT and SIGTERM
    // signals.
    signals := make(chan os.Signal, 1)

    signal.Notify(signals, syscall.SIGINT, syscall.SIGTERM)

    go func() {
        for range signals {
            cancel()
        }
    }()

    // Filter layer is required if you want to drop request
    // which are made to you internal networks.
    filterLayer, err := layers.NewFilterSubnetsLayer([]net.IPNet{
        {IP: net.ParseIP("127.0.0.0"), Mask: net.CIDRMask(8, 32)},
        {IP: net.ParseIP("172.16.0.0"), Mask: net.CIDRMask(12, 32)},
        {IP: net.ParseIP("10.0.0.0"), Mask: net.CIDRMask(8, 32)},
        {IP: net.ParseIP("192.168.0.0"), Mask: net.CIDRMask(16, 32)},
    })
    if err != nil {
        panic(err)
    }

    opts := httransform.ServerOpts{
        TLSCertCA:     caCert,
        TLSPrivateKey: caPrivateKey,
        // We are going to use basic proxy authorization with username
        // 'user' and password 'password'.
        //Authenticator: auth.NewBasicAuth(map[string]string{
        //    "user": "password",
        //}),
        Layers: []layers.Layer{
            filterLayer,
            // This guy will remove Proxy headers from the request.
            layers.ProxyHeadersLayer{},
            // This guy is going to limit request processing time to 3
            // minutes.
            layers.TimeoutLayer{
                Timeout: 3 * time.Minute,
            },
        },
        TLSSkipVerify: false,
    }

    proxy, err := httransform.NewServer(ctx, opts)
    if err != nil {
        panic(err)
    }

    // We bind our proxy to the port 3128 and all interfaces.
    listener, err := net.Listen("tcp", ":3128")
    if err != nil {
        panic(err)
    }

    if err := proxy.Serve(listener); err != nil {
        panic(err)
    }
}

i open site https://www.meretdemeures.com/ and with proxy i receive Error 1020 and without proxy page is ok.
i understand, that this is kinda offtopic, if it is - just close issue. But seems cloudflare detects that SSL connection is hijacked and blocks such requests. Is it possible to turn off hijacking and use httransform as chaining proxy?

Thx for help.

"tls: handshake failure" error for some hosts

Found this error while trying to connect to angel.co

Cannot fetch from upstream: cannot send a request: remote error: tls: handshake failure

Error occuries with proxy chain executor and without it

ln, _ := net.Listen("tcp", ":3128")
srv, _ := httransform.NewServer(httransform.ServerOpts{
        CertCA:   caCert,
	CertKey:  caPrivateKey,
})
srv.Serve(ln)

curl -k --proxy localhost:3128 https://angel.co

Send on closed channel panic

runtime.fatalpanic at panic.go:690
runtime.gopanic at panic.go:565
runtime.chansend at chan.go:252
runtime.chansend1 at chan.go:127
github.com/9seconds/httransform/ca.(*CA).Get at ca.go:72
github.com/9seconds/httransform.(*Server).makeHijackHandler.func1 at server.go:96
github.com/valyala/fasthttp.hijackConnHandler at server.go:2150
runtime.goexit at asm_amd64.s:1337
 - Async stack trace
github.com/valyala/fasthttp.(*Server).serveConn at server.go:2110

After srv.Shutdown() some requests still being processed, but certs channels already closed, i tried to create code, that reproduce problem, but failed.

Create chaining proxy
Set it in browser
Actively open https sites
Shutdown in separate goroutine server, continuing opening sites in browser
Panic

It reproduces well, when you actively use headless browsers and do big requests amount.

Question: is it really to rotate MakeProxyChainExecutor on-the-fly?

I've just tried to build a proxy server with your package and have one question: can I rotate proxies inside server per-request on-the-fly?
Thanks.

9seconds / httransform Goto Github PK

httransform's Introduction

httransform

Example

v1 version

httransform's People

Contributors

Stargazers

Watchers

Forkers

httransform's Issues

Only one Set-Cookie header in response

Proxy example doesn't work with https://golang.org

Too small buffer size for response headers

Cloudflare somehow detects and blocks httransform

"tls: handshake failure" error for some hosts

Send on closed channel panic

Question: is it really to rotate MakeProxyChainExecutor on-the-fly?

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent