A web proxy built on Cowboy and Gun.
It does HTTP proxy calls for plaintext HTTP and accepts the HTTP CONNECT method to establish a TCP tunnel for TLS and other protocols.
+---------+ Plaintext HTTP/1.1 or +-------+ Plaintext HTTP/1.1 +--------+
| | HTTP/2 (port 8080) | | (or HTTP/2) | |
| |------------------------->| |--------------------->| |
| Browser | | Proxy | | Origin |
| | HTTP/1.1 or HTTP/2 over | | Opaque TCP tunnel | |
| | TLS (port 8443) | | (TLS or other data) | |
| |------------------------->| |--------------------->| |
| | | | | |
+---------+ +-------+ +--------+
This is proxy is created for testing the CONNECT functionality in Cowboy, which is under development.
- Configuration is hard-coded. Change the code and recomplile to change anything.
- HTTP/2 over plaintext TCP (proxy to origin) is not enabled by default.
- Most browsers use HTTP/2 over TLS only. For connections without TLS, they use HTTP/1.1. The connection to the proxy is what matters.
Start it by running make; make shell
and then type
application:ensure_all_started(deputy).
in the Erlang shell. Then configure a
browser to use localhost and port 8080 as HTTP proxy.
If you want to connect to the proxy using TLS, configure the browser to accept the self-signed certificate which is generated by make and configure the browser to use port 8443 and TLS for the proxy. In Firefox, you need to use a PAC file for this.
- Import
priv/certs/localhost-ca.crt
to your browser's trusted certificate authorities. In Firefox, this is under Privacy & Security -> Certificates -> Authorities. - Use
priv/https-localhost.pac
as the autmatic proxy configuation file. In Firefox: General -> Network Settings -> Automatic proxy configuration URL. You may need put in a file URI, likefile:///home/viktor/repos/deputy/priv/https-localhost.pac
.