3

I want to create a proxy server with nodejs, it could be a web-proxy(like glype in php) or a proxy which we enter in browser.

The main motive is to save specific files(that match certain mime type) to HDD.

First of all I tried to use http-proxy module but it didn't allowed me to create a proxy server that accepts HTTPS. Also I didn't found any way to save files.(please correct me If I'm wrong)

Then, I tried node-unblocker, its just perfect but the only problem is its Limitations(listed here).

Please, could somebody help me out in doing this.

Mrigank
  • 136
  • 1
  • 8

1 Answers1

1

Keep in mind that, by default, your proxy solution wouldn't be able to eavesdrop https traffic as that would be considered a security breach. More precisely, you'd be doing #2 of this list.

You could theoretically implement a solution where your proxy server has its own SSL certificate and you include it in your trusted CA list in all the devices you plan on using this proxy. Much like Charles Proxy, Fiddler and other proxy programs do for debugging purposes.

Community
  • 1
  • 1
fmello
  • 563
  • 2
  • 9
  • What if I keep stream HTTPS content on server, and return it to user in HTTP protocol like `node-unblocker` and `glype`. – Mrigank Oct 22 '16 at 18:41
  • I'm not sure how much control do you have over the client and which urls/protocols it would use. In theory you could set up a proxy which takes `http` request from the client, rewrites the protocol to `https` when communicating with the end server, unpacks the response, and returns it to the client over `http` (which is how the client requested the data in the first place). – fmello Oct 23 '16 at 13:39
  • But there is not much sense in having one of the legs in `http` and the other one in `https`. Firstly, it beats the whole point of having `https` in the first place, since your data would be travelling unencrypted through part of the journey. Secondly, if your client makes an `http` request wouldn't that mean the client expects to communicate over unsafe `http` and thus the proxy could communicate with the server in `http` as well? – fmello Oct 23 '16 at 13:40
  • I mean, if you have enough control over the client to make all requests through `http`, why not use an `http` only proxy then? And if the server only responds over `https`, it probably does so for a reason (i.e. security), making it unwise to circunvent this with a part `http`, part `https` "two-step" request. – fmello Oct 23 '16 at 13:40