Help with HTTP Intercepting Proxy in Ruby?

Question

I have the beginnings of an HTTP Intercepting Proxy written in Ruby:

require \'socket\'                # Get sockets from stdlib

server = TCPServer.open(8080)           


        

Answer 1

This was an old question, but for the sake of completeness here goes another answer.

I've implemented a HTTP/HTTPS interception proxy in Ruby, the project is hosted in github.

The HTTP case is obvious, HTTPS interception in accomplished via an HTTPS server that acts as a reverse proxy (and handles the TLS handshake). I.e.

Client(e.g. Browser) <--> Proxy1 <--> HTTPS Reverse Proxy <--> Target Server

As Valko mentioned, when a client connects to a HTTPS server through a proxy, you'll see a stream of encrypted bytes (since SSL provides end-to-end encryption). But not everything is encrypted, the proxy needs to know to whom the stream of bytes should be forwarded, so the client issues a CONNECT host:port request (being the body of the request the SSL stream).

The trick here is that the first proxy will forward this request to the HTTPS Reverse Proxy instead of the real target server. This reverse proxy will handle the SSL negotiation with the client, have access to the decrypted requests, and send copies (optionally altered versions) of these requests to the real target server by acting as a normal client. It will get the responses from the target server, (optionally) alter the responses, and send them back to the client.