org.littleshoot.proxy.impl.ProxyUtils Java Examples

The following examples show how to use org.littleshoot.proxy.impl.ProxyUtils. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AutoBasicAuthFilter.java    From CapturePacket with MIT License 6 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (credentialsByHostname.isEmpty()) {
        return null;
    }

    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        // providing authorization during a CONNECT is generally not useful
        if (ProxyUtils.isCONNECT(httpRequest)) {
            return null;
        }

        String hostname = getHost(httpRequest);

        // if there is an entry in the credentials map matching this hostname, add the credentials to the request
        String base64CredentialsForHostname = credentialsByHostname.get(hostname);
        if (base64CredentialsForHostname != null) {
            httpRequest.headers().add(HttpHeaders.Names.AUTHORIZATION, "Basic " + base64CredentialsForHostname);
        }
    }

    return null;
}
 
Example #2
Source File: AutoBasicAuthFilter.java    From AndroidHttpCapture with MIT License 6 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (credentialsByHostname.isEmpty()) {
        return null;
    }

    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        // providing authorization during a CONNECT is generally not useful
        if (ProxyUtils.isCONNECT(httpRequest)) {
            return null;
        }

        String hostname = getHost(httpRequest);

        // if there is an entry in the credentials map matching this hostname, add the credentials to the request
        String base64CredentialsForHostname = credentialsByHostname.get(hostname);
        if (base64CredentialsForHostname != null) {
            httpRequest.headers().add(HttpHeaders.Names.AUTHORIZATION, "Basic " + base64CredentialsForHostname);
        }
    }

    return null;
}
 
Example #3
Source File: HttpsHostCaptureFilter.java    From AndroidHttpCapture with MIT License 6 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        if (ProxyUtils.isCONNECT(httpRequest)) {
            Attribute<String> hostname = ctx.attr(AttributeKey.<String>valueOf(HttpsAwareFiltersAdapter.HOST_ATTRIBUTE_NAME));
            String hostAndPort = httpRequest.getUri();

            // CONNECT requests contain the port, even when using the default port. a sensible default is to remove the
            // default port, since in most cases it is not explicitly specified and its presence (in a HAR file, for example)
            // would be unexpected.
            String hostNoDefaultPort = BrowserMobHttpUtil.removeMatchingPort(hostAndPort, 443);
            hostname.set(hostNoDefaultPort);
        }
    }

    return null;
}
 
Example #4
Source File: HttpConnectHarCaptureFilter.java    From AndroidHttpCapture with MIT License 6 votes vote down vote up
public HttpConnectHarCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx, Har har, String currentPageRef) {
    super(originalRequest, ctx);

    if (har == null) {
        throw new IllegalStateException("Attempted har capture when har is null");
    }

    if (!ProxyUtils.isCONNECT(originalRequest)) {
        throw new IllegalStateException("Attempted HTTP CONNECT har capture on non-HTTP CONNECT request");
    }

    this.har = har;
    this.currentPageRef = currentPageRef;

    this.clientAddress = (InetSocketAddress) ctx.channel().remoteAddress();

    // create and cache an HTTP CONNECT timing object to capture timing-related information
    this.httpConnectTiming = new HttpConnectTiming();
    httpConnectTimes.put(clientAddress, httpConnectTiming);
}
 
Example #5
Source File: AutoBasicAuthFilter.java    From Dream-Catcher with MIT License 6 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (credentialsByHostname.isEmpty()) {
        return null;
    }

    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        // providing authorization during a CONNECT is generally not useful
        if (ProxyUtils.isCONNECT(httpRequest)) {
            return null;
        }

        String hostname = getHost(httpRequest);

        // if there is an entry in the credentials map matching this hostname, add the credentials to the request
        String base64CredentialsForHostname = credentialsByHostname.get(hostname);
        if (base64CredentialsForHostname != null) {
            httpRequest.headers().add(HttpHeaders.Names.AUTHORIZATION, "Basic " + base64CredentialsForHostname);
        }
    }

    return null;
}
 
Example #6
Source File: HttpsHostCaptureFilter.java    From Dream-Catcher with MIT License 6 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        if (ProxyUtils.isCONNECT(httpRequest)) {
            Attribute<String> hostname = ctx.attr(AttributeKey.<String>valueOf(HttpsAwareFiltersAdapter.HOST_ATTRIBUTE_NAME));
            String hostAndPort = httpRequest.getUri();

            // CONNECT requests contain the port, even when using the default port. a sensible default is to remove the
            // default port, since in most cases it is not explicitly specified and its presence (in a HAR file, for example)
            // would be unexpected.
            String hostNoDefaultPort = BrowserMobHttpUtil.removeMatchingPort(hostAndPort, 443);
            hostname.set(hostNoDefaultPort);
        }
    }

    return null;
}
 
Example #7
Source File: HttpConnectHarCaptureFilter.java    From Dream-Catcher with MIT License 6 votes vote down vote up
public HttpConnectHarCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx, Har har, String currentPageRef) {
    super(originalRequest, ctx);

    if (har == null) {
        throw new IllegalStateException("Attempted har capture when har is null");
    }

    if (!ProxyUtils.isCONNECT(originalRequest)) {
        throw new IllegalStateException("Attempted HTTP CONNECT har capture on non-HTTP CONNECT request");
    }

    this.har = har;
    this.currentPageRef = currentPageRef;

    this.clientAddress = (InetSocketAddress) ctx.channel().remoteAddress();

    // create and cache an HTTP CONNECT timing object to capture timing-related information
    this.httpConnectTiming = new HttpConnectTiming();
    httpConnectTimes.put(clientAddress, httpConnectTiming);
}
 
Example #8
Source File: HttpsHostCaptureFilter.java    From CapturePacket with MIT License 6 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        if (ProxyUtils.isCONNECT(httpRequest)) {
            Attribute<String> hostname = ctx.attr(AttributeKey.<String>valueOf(HttpsAwareFiltersAdapter.HOST_ATTRIBUTE_NAME));
            String hostAndPort = httpRequest.getUri();

            // CONNECT requests contain the port, even when using the default port. a sensible default is to remove the
            // default port, since in most cases it is not explicitly specified and its presence (in a HAR file, for example)
            // would be unexpected.
            String hostNoDefaultPort = BrowserMobHttpUtil.removeMatchingPort(hostAndPort, 443);
            hostname.set(hostNoDefaultPort);
        }
    }

    return null;
}
 
Example #9
Source File: HttpConnectHarCaptureFilter.java    From CapturePacket with MIT License 6 votes vote down vote up
public HttpConnectHarCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx, Har har, String currentPageRef) {
    super(originalRequest, ctx);

    if (har == null) {
        throw new IllegalStateException("Attempted har capture when har is null");
    }

    if (!ProxyUtils.isCONNECT(originalRequest)) {
        throw new IllegalStateException("Attempted HTTP CONNECT har capture on non-HTTP CONNECT request");
    }

    this.har = har;
    this.currentPageRef = currentPageRef;

    this.clientAddress = (InetSocketAddress) ctx.channel().remoteAddress();

    // create and cache an HTTP CONNECT timing object to capture timing-related information
    this.httpConnectTiming = new HttpConnectTiming();
    httpConnectTimes.put(clientAddress, httpConnectTiming);
}
 
Example #10
Source File: AutoBasicAuthFilter.java    From browserup-proxy with Apache License 2.0 6 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (credentialsByHostname.isEmpty()) {
        return null;
    }

    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        // providing authorization during a CONNECT is generally not useful
        if (ProxyUtils.isCONNECT(httpRequest)) {
            return null;
        }

        String hostname = getHost(httpRequest);

        // if there is an entry in the credentials map matching this hostname, add the credentials to the request
        String base64CredentialsForHostname = credentialsByHostname.get(hostname);
        if (base64CredentialsForHostname != null) {
            httpRequest.headers().add(HttpHeaderNames.AUTHORIZATION, "Basic " + base64CredentialsForHostname);
        }
    }

    return null;
}
 
Example #11
Source File: HttpConnectHarCaptureFilter.java    From browserup-proxy with Apache License 2.0 6 votes vote down vote up
public HttpConnectHarCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx, Har har, String currentPageRef) {
    super(originalRequest, ctx);

    if (har == null) {
        throw new IllegalStateException("Attempted har capture when har is null");
    }

    if (!ProxyUtils.isCONNECT(originalRequest)) {
        throw new IllegalStateException("Attempted HTTP CONNECT har capture on non-HTTP CONNECT request");
    }

    this.har = har;
    this.currentPageRef = currentPageRef;

    this.clientAddress = (InetSocketAddress) ctx.channel().remoteAddress();

    // create and cache an HTTP CONNECT timing object to capture timing-related information
    this.httpConnectTiming = new HttpConnectTiming();
    httpConnectTimes.put(clientAddress, httpConnectTiming);
}
 
Example #12
Source File: HttpsAwareFiltersAdapter.java    From browserup-proxy with Apache License 2.0 6 votes vote down vote up
/**
 * Returns the full, absolute URL of the specified request for both HTTP and HTTPS URLs. The request may reflect
 * modifications from this or other filters. This filter instance must be currently handling the specified request;
 * otherwise the results are undefined.
 *
 * @param modifiedRequest a possibly-modified version of the request currently being processed
 * @return the full URL of the request, including scheme, host, port, path, and query parameters
 */
public String getFullUrl(HttpRequest modifiedRequest) {
    // special case: for HTTPS requests, the full URL is scheme (https://) + the URI of this request
    if (ProxyUtils.isCONNECT(modifiedRequest)) {
        // CONNECT requests contain the default port, even if it isn't specified on the request.
        String hostNoDefaultPort = BrowserUpHttpUtil.removeMatchingPort(modifiedRequest.uri(), 443);
        return "https://" + hostNoDefaultPort;
    }

    // To get the full URL, we need to retrieve the Scheme, Host + Port, Path, and Query Params from the request.
    // If the request URI starts with http:// or https://, it is already a full URL and can be returned directly.
    if (startsWithHttpOrHttps(modifiedRequest.uri())) {
        return modifiedRequest.uri();
    }

    // The URI did not include the scheme and host, so examine the request to obtain them:
    // Scheme: the scheme (HTTP/HTTPS) are based on the type of connection, obtained from isHttps()
    // Host and Port: available for HTTP and HTTPS requests using the getHostAndPort() helper method.
    // Path + Query Params: since the request URI doesn't start with the scheme, we can safely assume that the URI
    //    contains only the path and query params.
    String hostAndPort = getHostAndPort(modifiedRequest);
    String path = modifiedRequest.uri();

    return isHttps() ? "https://" + hostAndPort + path : "http://" + hostAndPort + path;
}
 
Example #13
Source File: HttpsHostCaptureFilter.java    From browserup-proxy with Apache License 2.0 6 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        if (ProxyUtils.isCONNECT(httpRequest)) {
            Attribute<String> hostname = ctx.channel().attr(AttributeKey.valueOf(HOST_ATTRIBUTE_NAME));
            String hostAndPort = httpRequest.uri();

            // CONNECT requests contain the port, even when using the default port. a sensible default is to remove the
            // default port, since in most cases it is not explicitly specified and its presence (in a HAR file, for example)
            // would be unexpected.
            String hostNoDefaultPort = BrowserUpHttpUtil.removeMatchingPort(hostAndPort, 443);
            hostname.set(hostNoDefaultPort);
        }
    }

    return null;
}
 
Example #14
Source File: HttpUtility.java    From PowerTunnel with MIT License 5 votes vote down vote up
/**
 * Retrieves response with HTML code
 *
 * @param html - HTML code
 * @param headers - response headers
 * @return HttpResponse with HTML code
 */
public static HttpResponse getResponse(String html, int status, Map<String, String> headers) {
    String body = "<!DOCTYPE html>\n" + html;
    byte[] bytes = body.getBytes(StandardCharsets.UTF_8);
    ByteBuf content = Unpooled.copiedBuffer(bytes);
    HttpResponse response = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.valueOf(status), content);
    response.headers().set(HttpHeaders.Names.CONTENT_LENGTH, bytes.length);
    response.headers().set("Content-Type", "text/html; charset=UTF-8");
    response.headers().set("Date", ProxyUtils.formatDate(new Date()));
    for (Map.Entry<String, String> header : headers.entrySet()) {
        response.headers().set(header.getKey(), header.getValue());
    }
    return response;
}
 
Example #15
Source File: WhitelistFilter.java    From CapturePacket with MIT License 5 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (!whitelistEnabled) {
        return null;
    }

    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        // do not allow HTTP CONNECTs to be short-circuited
        if (ProxyUtils.isCONNECT(httpRequest)) {
            return null;
        }

        boolean urlWhitelisted = false;

        String url = getFullUrl(httpRequest);

        for (Pattern pattern : whitelistUrls) {
            if (pattern.matcher(url).matches()) {
                urlWhitelisted = true;
                break;
            }
        }

        if (!urlWhitelisted) {
            HttpResponseStatus status = HttpResponseStatus.valueOf(whitelistResponseCode);
            HttpResponse resp = new DefaultFullHttpResponse(httpRequest.getProtocolVersion(), status);
            HttpHeaders.setContentLength(resp, 0L);

            return resp;
        }
    }

    return null;
}
 
Example #16
Source File: HttpsOriginalHostCaptureFilter.java    From AndroidHttpCapture with MIT License 5 votes vote down vote up
public HttpsOriginalHostCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx) {
    super(originalRequest, ctx);

    // if this is an HTTP CONNECT, set the isHttps attribute on the ChannelHandlerConect and capture the hostname from the original request.
    // capturing the original host (and the remapped/modified host in clientToProxyRequest() below) guarantees that we will
    // have the "true" host, rather than relying on the Host header in subsequent requests (which may be absent or spoofed by malicious clients).
    if (ProxyUtils.isCONNECT(originalRequest)) {
        Attribute<String> originalHostAttr = ctx.attr(AttributeKey.<String>valueOf(HttpsAwareFiltersAdapter.ORIGINAL_HOST_ATTRIBUTE_NAME));
        String hostAndPort = originalRequest.getUri();
        originalHostAttr.set(hostAndPort);

        Attribute<Boolean> isHttpsAttr = ctx.attr(AttributeKey.<Boolean>valueOf(HttpsAwareFiltersAdapter.IS_HTTPS_ATTRIBUTE_NAME));
        isHttpsAttr.set(true);
    }
}
 
Example #17
Source File: HarCaptureFilter.java    From AndroidHttpCapture with MIT License 5 votes vote down vote up
/**
 * Create a new instance of the HarCaptureFilter that will capture request and response information. If no har is specified in the
 * constructor, this filter will do nothing.
 * <p/>
 * Regardless of the CaptureTypes specified in <code>dataToCapture</code>, the HarCaptureFilter will always capture:
 * <ul>
 *     <li>Request and response sizes</li>
 *     <li>HTTP request and status lines</li>
 *     <li>Page timing information</li>
 * </ul>
 *
 * @param originalRequest the original HttpRequest from the HttpFiltersSource factory
 * @param har a reference to the ProxyServer's current HAR file at the time this request is received (can be null if HAR capture is not required)
 * @param currentPageRef the ProxyServer's currentPageRef at the time this request is received from the client
 * @param dataToCapture the data types to capture for this request. null or empty set indicates only basic information will be
 *                      captured (see {@link net.lightbody.bmp.proxy.CaptureType} for information on data collected for each CaptureType)
 */
public HarCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx, Har har, String currentPageRef, Set<CaptureType> dataToCapture) {
    super(originalRequest, ctx);

    if (har == null) {
        throw new IllegalStateException("Attempted har capture when har is null");
    }

    if (ProxyUtils.isCONNECT(originalRequest)) {
        throw new IllegalStateException("Attempted har capture for HTTP CONNECT request");
    }

    this.clientAddress = (InetSocketAddress) ctx.channel().remoteAddress();

    if (dataToCapture != null && !dataToCapture.isEmpty()) {
        this.dataToCapture = EnumSet.copyOf(dataToCapture);
    } else {
        this.dataToCapture = EnumSet.noneOf(CaptureType.class);
    }

    // we may need to capture both the request and the response, so set up the request/response filters and delegate to them when
    // the corresponding filter methods are invoked. to save time and memory, only set up the capturing filters when
    // we actually need to capture the data.
    if (this.dataToCapture.contains(CaptureType.REQUEST_CONTENT) || this.dataToCapture.contains(CaptureType.REQUEST_BINARY_CONTENT)) {
        requestCaptureFilter = new ClientRequestCaptureFilter(originalRequest);
    } else {
        requestCaptureFilter = null;
    }

    if (this.dataToCapture.contains(CaptureType.RESPONSE_CONTENT) || this.dataToCapture.contains(CaptureType.RESPONSE_BINARY_CONTENT)) {
        responseCaptureFilter = new ServerResponseCaptureFilter(originalRequest, true);
    } else {
        responseCaptureFilter = null;
    }

    this.har = har;

    this.harEntry = new HarEntry(currentPageRef);
}
 
Example #18
Source File: HttpsAwareFiltersAdapter.java    From AndroidHttpCapture with MIT License 5 votes vote down vote up
/**
 * Returns the full, absolute URL of the specified request for both HTTP and HTTPS URLs. The request may reflect
 * modifications from this or other filters. This filter instance must be currently handling the specified request;
 * otherwise the results are undefined.
 *
 * @param modifiedRequest a possibly-modified version of the request currently being processed
 * @return the full URL of the request, including scheme, host, port, path, and query parameters
 */
public String getFullUrl(HttpRequest modifiedRequest) {
    // special case: for HTTPS requests, the full URL is scheme (https://) + the URI of this request
    if (ProxyUtils.isCONNECT(modifiedRequest)) {
        // CONNECT requests contain the default port, even if it isn't specified on the request.
        String hostNoDefaultPort = BrowserMobHttpUtil.removeMatchingPort(modifiedRequest.getUri(), 443);
        return "https://" + hostNoDefaultPort;
    }

    // To get the full URL, we need to retrieve the Scheme, Host + Port, Path, and Query Params from the request.
    // If the request URI starts with http:// or https://, it is already a full URL and can be returned directly.
    if (HttpUtil.startsWithHttpOrHttps(modifiedRequest.getUri())) {
        return modifiedRequest.getUri();
    }

    // The URI did not include the scheme and host, so examine the request to obtain them:
    // Scheme: the scheme (HTTP/HTTPS) are based on the type of connection, obtained from isHttps()
    // Host and Port: available for HTTP and HTTPS requests using the getHostAndPort() helper method.
    // Path + Query Params: since the request URI doesn't start with the scheme, we can safely assume that the URI
    //    contains only the path and query params.
    String hostAndPort = getHostAndPort(modifiedRequest);
    String path = modifiedRequest.getUri();
    String url;
    if (isHttps()) {
        url = "https://" + hostAndPort + path;
    } else {
        url = "http://" + hostAndPort + path;
    }
    return url;
}
 
Example #19
Source File: WhitelistFilter.java    From browserup-proxy with Apache License 2.0 5 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (!whitelistEnabled) {
        return null;
    }

    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        // do not allow HTTP CONNECTs to be short-circuited
        if (ProxyUtils.isCONNECT(httpRequest)) {
            return null;
        }

        boolean urlWhitelisted;

        String url = getFullUrl(httpRequest);

        urlWhitelisted = whitelistUrls.stream().anyMatch(pattern -> pattern.matcher(url).matches());

        if (!urlWhitelisted) {
            HttpResponseStatus status = HttpResponseStatus.valueOf(whitelistResponseCode);
            HttpResponse resp = new DefaultFullHttpResponse(httpRequest.protocolVersion(), status);
            HttpUtil.setContentLength(resp, 0L);

            return resp;
        }
    }

    return null;
}
 
Example #20
Source File: WhitelistFilter.java    From AndroidHttpCapture with MIT License 5 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (!whitelistEnabled) {
        return null;
    }

    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        // do not allow HTTP CONNECTs to be short-circuited
        if (ProxyUtils.isCONNECT(httpRequest)) {
            return null;
        }

        boolean urlWhitelisted = false;

        String url = getFullUrl(httpRequest);

        for (Pattern pattern : whitelistUrls) {
            if (pattern.matcher(url).matches()) {
                urlWhitelisted = true;
                break;
            }
        }

        if (!urlWhitelisted) {
            HttpResponseStatus status = HttpResponseStatus.valueOf(whitelistResponseCode);
            HttpResponse resp = new DefaultFullHttpResponse(httpRequest.getProtocolVersion(), status);
            HttpHeaders.setContentLength(resp, 0L);

            return resp;
        }
    }

    return null;
}
 
Example #21
Source File: HttpsOriginalHostCaptureFilter.java    From Dream-Catcher with MIT License 5 votes vote down vote up
public HttpsOriginalHostCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx) {
    super(originalRequest, ctx);

    // if this is an HTTP CONNECT, set the isHttps attribute on the ChannelHandlerConect and capture the hostname from the original request.
    // capturing the original host (and the remapped/modified host in clientToProxyRequest() below) guarantees that we will
    // have the "true" host, rather than relying on the Host header in subsequent requests (which may be absent or spoofed by malicious clients).
    if (ProxyUtils.isCONNECT(originalRequest)) {
        Attribute<String> originalHostAttr = ctx.attr(AttributeKey.<String>valueOf(HttpsAwareFiltersAdapter.ORIGINAL_HOST_ATTRIBUTE_NAME));
        String hostAndPort = originalRequest.getUri();
        originalHostAttr.set(hostAndPort);

        Attribute<Boolean> isHttpsAttr = ctx.attr(AttributeKey.<Boolean>valueOf(HttpsAwareFiltersAdapter.IS_HTTPS_ATTRIBUTE_NAME));
        isHttpsAttr.set(true);
    }
}
 
Example #22
Source File: HttpsAwareFiltersAdapter.java    From Dream-Catcher with MIT License 5 votes vote down vote up
/**
 * Returns the full, absolute URL of the specified request for both HTTP and HTTPS URLs. The request may reflect
 * modifications from this or other filters. This filter instance must be currently handling the specified request;
 * otherwise the results are undefined.
 *
 * @param modifiedRequest a possibly-modified version of the request currently being processed
 * @return the full URL of the request, including scheme, host, port, path, and query parameters
 */
public String getFullUrl(HttpRequest modifiedRequest) {
    // special case: for HTTPS requests, the full URL is scheme (https://) + the URI of this request
    if (ProxyUtils.isCONNECT(modifiedRequest)) {
        // CONNECT requests contain the default port, even if it isn't specified on the request.
        String hostNoDefaultPort = BrowserMobHttpUtil.removeMatchingPort(modifiedRequest.getUri(), 443);
        return "https://" + hostNoDefaultPort;
    }

    // To get the full URL, we need to retrieve the Scheme, Host + Port, Path, and Query Params from the request.
    // If the request URI starts with http:// or https://, it is already a full URL and can be returned directly.
    if (HttpUtil.startsWithHttpOrHttps(modifiedRequest.getUri())) {
        return modifiedRequest.getUri();
    }

    // The URI did not include the scheme and host, so examine the request to obtain them:
    // Scheme: the scheme (HTTP/HTTPS) are based on the type of connection, obtained from isHttps()
    // Host and Port: available for HTTP and HTTPS requests using the getHostAndPort() helper method.
    // Path + Query Params: since the request URI doesn't start with the scheme, we can safely assume that the URI
    //    contains only the path and query params.
    String hostAndPort = getHostAndPort(modifiedRequest);
    String path = modifiedRequest.getUri();
    String url;
    if (isHttps()) {
        url = "https://" + hostAndPort + path;
    } else {
        url = "http://" + hostAndPort + path;
    }
    return url;
}
 
Example #23
Source File: HarCaptureFilter.java    From browserup-proxy with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new instance of the HarCaptureFilter that will capture request and response information. If no har is specified in the
 * constructor, this filter will do nothing.
 * Regardless of the CaptureTypes specified in <code>dataToCapture</code>, the HarCaptureFilter will always capture:
 * <ul>
 *     <li>Request and response sizes</li>
 *     <li>HTTP request and status lines</li>
 *     <li>Page timing information</li>
 * </ul>
 *
 * @param originalRequest the original HttpRequest from the HttpFiltersSource factory
 * @param har a reference to the ProxyServer's current HAR file at the time this request is received (can be null if HAR capture is not required)
 * @param currentPageRef the ProxyServer's currentPageRef at the time this request is received from the client
 * @param dataToCapture the data types to capture for this request. null or empty set indicates only basic information will be
 *                      captured (see {@link com.browserup.bup.proxy.CaptureType} for information on data collected for each CaptureType)
 * @param ctx ChannelHandlerContext ctx
 */
public HarCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx, Har har, String currentPageRef, Set<CaptureType> dataToCapture) {
    super(originalRequest, ctx);

    if (har == null) {
        throw new IllegalStateException("Attempted har capture when har is null");
    }

    if (ProxyUtils.isCONNECT(originalRequest)) {
        throw new IllegalStateException("Attempted har capture for HTTP CONNECT request");
    }

    this.clientAddress = (InetSocketAddress) ctx.channel().remoteAddress();

    if (dataToCapture != null && !dataToCapture.isEmpty()) {
        this.dataToCapture = EnumSet.copyOf(dataToCapture);
    } else {
        this.dataToCapture = EnumSet.noneOf(CaptureType.class);
    }

    // we may need to capture both the request and the response, so set up the request/response filters and delegate to them when
    // the corresponding filter methods are invoked. to save time and memory, only set up the capturing filters when
    // we actually need to capture the data.
    if (this.dataToCapture.contains(CaptureType.REQUEST_CONTENT) || this.dataToCapture.contains(CaptureType.REQUEST_BINARY_CONTENT)) {
        requestCaptureFilter = new ClientRequestCaptureFilter(originalRequest);
    } else {
        requestCaptureFilter = null;
    }

    if (this.dataToCapture.contains(CaptureType.RESPONSE_CONTENT) || this.dataToCapture.contains(CaptureType.RESPONSE_BINARY_CONTENT)) {
        responseCaptureFilter = new ServerResponseCaptureFilter(originalRequest, true);
    } else {
        responseCaptureFilter = null;
    }

    this.har = har;

    this.harEntry = new HarEntry();
    this.harEntry.setPageref(currentPageRef);
}
 
Example #24
Source File: WhitelistFilter.java    From Dream-Catcher with MIT License 5 votes vote down vote up
@Override
public HttpResponse clientToProxyRequest(HttpObject httpObject) {
    if (!whitelistEnabled) {
        return null;
    }

    if (httpObject instanceof HttpRequest) {
        HttpRequest httpRequest = (HttpRequest) httpObject;

        // do not allow HTTP CONNECTs to be short-circuited
        if (ProxyUtils.isCONNECT(httpRequest)) {
            return null;
        }

        boolean urlWhitelisted = false;

        String url = getFullUrl(httpRequest);

        for (Pattern pattern : whitelistUrls) {
            if (pattern.matcher(url).matches()) {
                urlWhitelisted = true;
                break;
            }
        }

        if (!urlWhitelisted) {
            HttpResponseStatus status = HttpResponseStatus.valueOf(whitelistResponseCode);
            HttpResponse resp = new DefaultFullHttpResponse(httpRequest.getProtocolVersion(), status);
            HttpHeaders.setContentLength(resp, 0L);

            return resp;
        }
    }

    return null;
}
 
Example #25
Source File: HttpUtility.java    From PowerTunnel with MIT License 5 votes vote down vote up
/**
 * Retrieves response with HTML code
 *
 * @param html - HTML code
 * @return HttpResponse with HTML code
 */
public static HttpResponse getResponse(String html) {
    String body = "<!DOCTYPE html>\n" + html;
    byte[] bytes = body.getBytes(StandardCharsets.UTF_8);
    ByteBuf content = Unpooled.copiedBuffer(bytes);
    HttpResponse response = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.BAD_GATEWAY, content);
    response.headers().set(HttpHeaders.Names.CONTENT_LENGTH, bytes.length);
    response.headers().set("Content-Type", "text/html; charset=UTF-8");
    response.headers().set("Date", ProxyUtils.formatDate(new Date()));
    return response;
}
 
Example #26
Source File: HttpsOriginalHostCaptureFilter.java    From CapturePacket with MIT License 5 votes vote down vote up
public HttpsOriginalHostCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx) {
    super(originalRequest, ctx);

    // if this is an HTTP CONNECT, set the isHttps attribute on the ChannelHandlerConect and capture the hostname from the original request.
    // capturing the original host (and the remapped/modified host in clientToProxyRequest() below) guarantees that we will
    // have the "true" host, rather than relying on the Host header in subsequent requests (which may be absent or spoofed by malicious clients).
    if (ProxyUtils.isCONNECT(originalRequest)) {
        Attribute<String> originalHostAttr = ctx.attr(AttributeKey.<String>valueOf(HttpsAwareFiltersAdapter.ORIGINAL_HOST_ATTRIBUTE_NAME));
        String hostAndPort = originalRequest.getUri();
        originalHostAttr.set(hostAndPort);

        Attribute<Boolean> isHttpsAttr = ctx.attr(AttributeKey.<Boolean>valueOf(HttpsAwareFiltersAdapter.IS_HTTPS_ATTRIBUTE_NAME));
        isHttpsAttr.set(true);
    }
}
 
Example #27
Source File: HarCaptureFilter.java    From CapturePacket with MIT License 5 votes vote down vote up
/**
 * Create a new instance of the HarCaptureFilter that will capture request and response information. If no har is specified in the
 * constructor, this filter will do nothing.
 * <p/>
 * Regardless of the CaptureTypes specified in <code>dataToCapture</code>, the HarCaptureFilter will always capture:
 * <ul>
 *     <li>Request and response sizes</li>
 *     <li>HTTP request and status lines</li>
 *     <li>Page timing information</li>
 * </ul>
 *
 * @param originalRequest the original HttpRequest from the HttpFiltersSource factory
 * @param har a reference to the ProxyServer's current HAR file at the time this request is received (can be null if HAR capture is not required)
 * @param currentPageRef the ProxyServer's currentPageRef at the time this request is received from the client
 * @param dataToCapture the data types to capture for this request. null or empty set indicates only basic information will be
 *                      captured (see {@link net.lightbody.bmp.proxy.CaptureType} for information on data collected for each CaptureType)
 */
public HarCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx, Har har, String currentPageRef, Set<CaptureType> dataToCapture) {
    super(originalRequest, ctx);

    if (har == null) {
        throw new IllegalStateException("Attempted har capture when har is null");
    }

    if (ProxyUtils.isCONNECT(originalRequest)) {
        throw new IllegalStateException("Attempted har capture for HTTP CONNECT request");
    }

    this.clientAddress = (InetSocketAddress) ctx.channel().remoteAddress();

    if (dataToCapture != null && !dataToCapture.isEmpty()) {
        this.dataToCapture = EnumSet.copyOf(dataToCapture);
    } else {
        this.dataToCapture = EnumSet.noneOf(CaptureType.class);
    }

    // we may need to capture both the request and the response, so set up the request/response filters and delegate to them when
    // the corresponding filter methods are invoked. to save time and memory, only set up the capturing filters when
    // we actually need to capture the data.
    if (this.dataToCapture.contains(CaptureType.REQUEST_CONTENT) || this.dataToCapture.contains(CaptureType.REQUEST_BINARY_CONTENT)) {
        requestCaptureFilter = new ClientRequestCaptureFilter(originalRequest);
    } else {
        requestCaptureFilter = null;
    }

    if (this.dataToCapture.contains(CaptureType.RESPONSE_CONTENT) || this.dataToCapture.contains(CaptureType.RESPONSE_BINARY_CONTENT)) {
        responseCaptureFilter = new ServerResponseCaptureFilter(originalRequest, true);
    } else {
        responseCaptureFilter = null;
    }

    this.har = har;

    this.harEntry = new HarEntry(currentPageRef);
}
 
Example #28
Source File: HttpsAwareFiltersAdapter.java    From CapturePacket with MIT License 5 votes vote down vote up
/**
 * Returns the full, absolute URL of the specified request for both HTTP and HTTPS URLs. The request may reflect
 * modifications from this or other filters. This filter instance must be currently handling the specified request;
 * otherwise the results are undefined.
 *
 * @param modifiedRequest a possibly-modified version of the request currently being processed
 * @return the full URL of the request, including scheme, host, port, path, and query parameters
 */
public String getFullUrl(HttpRequest modifiedRequest) {
    // special case: for HTTPS requests, the full URL is scheme (https://) + the URI of this request
    if (ProxyUtils.isCONNECT(modifiedRequest)) {
        // CONNECT requests contain the default port, even if it isn't specified on the request.
        String hostNoDefaultPort = BrowserMobHttpUtil.removeMatchingPort(modifiedRequest.getUri(), 443);
        return "https://" + hostNoDefaultPort;
    }

    // To get the full URL, we need to retrieve the Scheme, Host + Port, Path, and Query Params from the request.
    // If the request URI starts with http:// or https://, it is already a full URL and can be returned directly.
    if (HttpUtil.startsWithHttpOrHttps(modifiedRequest.getUri())) {
        return modifiedRequest.getUri();
    }

    // The URI did not include the scheme and host, so examine the request to obtain them:
    // Scheme: the scheme (HTTP/HTTPS) are based on the type of connection, obtained from isHttps()
    // Host and Port: available for HTTP and HTTPS requests using the getHostAndPort() helper method.
    // Path + Query Params: since the request URI doesn't start with the scheme, we can safely assume that the URI
    //    contains only the path and query params.
    String hostAndPort = getHostAndPort(modifiedRequest);
    String path = modifiedRequest.getUri();
    String url;
    if (isHttps()) {
        url = "https://" + hostAndPort + path;
    } else {
        url = "http://" + hostAndPort + path;
    }
    return url;
}
 
Example #29
Source File: HttpsOriginalHostCaptureFilter.java    From browserup-proxy with Apache License 2.0 5 votes vote down vote up
public HttpsOriginalHostCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx) {
    super(originalRequest, ctx);

    // if this is an HTTP CONNECT, set the isHttps attribute on the ChannelHandlerConect and capture the hostname from the original request.
    // capturing the original host (and the remapped/modified host in clientToProxyRequest() below) guarantees that we will
    // have the "true" host, rather than relying on the Host header in subsequent requests (which may be absent or spoofed by malicious clients).
    if (ProxyUtils.isCONNECT(originalRequest)) {
        Attribute<String> originalHostAttr = ctx.channel().attr(AttributeKey.valueOf(ORIGINAL_HOST_ATTRIBUTE_NAME));
        String hostAndPort = originalRequest.uri();
        originalHostAttr.set(hostAndPort);

        Attribute<Boolean> isHttpsAttr = ctx.channel().attr(AttributeKey.valueOf(IS_HTTPS_ATTRIBUTE_NAME));
        isHttpsAttr.set(true);
    }
}
 
Example #30
Source File: HarCaptureFilter.java    From Dream-Catcher with MIT License 4 votes vote down vote up
/**
 * Create a new instance of the HarCaptureFilter that will capture request and response information. If no har is specified in the
 * constructor, this filter will do nothing.
 * <p/>
 * Regardless of the CaptureTypes specified in <code>dataToCapture</code>, the HarCaptureFilter will always capture:
 * <ul>
 * <li>Request and response sizes</li>
 * <li>HTTP request and status lines</li>
 * <li>Page timing information</li>
 * </ul>
 *
 * @param originalRequest the original HttpRequest from the HttpFiltersSource factory
 * @param har             a reference to the ProxyServer's current HAR file at the time this request is received (can be null if HAR capture is not required)
 * @param currentPageRef  the ProxyServer's currentPageRef at the time this request is received from the client
 * @param dataToCapture   the data types to capture for this request. null or empty set indicates only basic information will be
 *                        captured (see {@link net.lightbody.bmp.proxy.CaptureType} for information on data collected for each CaptureType)
 */
public HarCaptureFilter(HttpRequest originalRequest, ChannelHandlerContext ctx, Har har, String currentPageRef, Set<CaptureType> dataToCapture) {
    super(originalRequest, ctx);

    if (har == null) {
        throw new IllegalStateException("Attempted har capture when har is null");
    }

    if (ProxyUtils.isCONNECT(originalRequest)) {
        throw new IllegalStateException("Attempted har capture for HTTP CONNECT request");
    }

    this.clientAddress = (InetSocketAddress) ctx.channel().remoteAddress();

    if (dataToCapture != null && !dataToCapture.isEmpty()) {
        this.dataToCapture = EnumSet.copyOf(dataToCapture);
    } else {
        this.dataToCapture = EnumSet.noneOf(CaptureType.class);
    }

    // we may need to capture both the request and the response, so set up the request/response filters and delegate to them when
    // the corresponding filter methods are invoked. to save time and memory, only set up the capturing filters when
    // we actually need to capture the data.
    if (this.dataToCapture.contains(CaptureType.REQUEST_CONTENT) || this.dataToCapture.contains(CaptureType.REQUEST_BINARY_CONTENT)) {
        requestCaptureFilter = new ClientRequestCaptureFilter(originalRequest);
    } else {
        requestCaptureFilter = null;
    }

    if (this.dataToCapture.contains(CaptureType.RESPONSE_CONTENT) || this.dataToCapture.contains(CaptureType.RESPONSE_BINARY_CONTENT)) {
        responseCaptureFilter = new ServerResponseCaptureFilter(originalRequest, true);
    } else {
        responseCaptureFilter = null;
    }

    this.har = har;

    this.proxyManager = ProxyManager.newInstance();
    this.harEntry = new HarEntry(currentPageRef);
    harEntry.setId(proxyManager.getDCRequestId());
    this.harRequest = new DCRequest(harEntry);
    this.harRequest.attachBodyHelper(this.proxyManager.getRequestBodyHelper());
    this.harResponse = new DCResponse(harEntry);
}