Can a proxy be used to insert request headers into SSL/HTTPS requests?
I am currently using Apache's mod_proxy/mod_proxy_http/mod_headers as a forward proxy to add (overwrite) cookie request headers to a request like this:
<Proxy *>
Order deny,allow
Allow from all
RequestHeader set Cookie "mycookie=1234"
</Proxy>
(Of course I don't have allow from all and *, but to simplify and reproduce this is just fine.)
Now I want to do the same for an SSL connection. I loaded mod_proxy_connect, which makes SSL work fine, but the header injection doesn't work.
This makes sense because SSL is end-to-end and shouldn't be modified on the way.
However I want to do it. I think the server would need to be a man in the middle. It would need its own SSL certificate which will be invalid for the domain, but this can be added as an exception. Can this somehow be done with a reverse proxy?
Another thing which I would be cool with too (which I would prefer) would be to map the SSL connection to a usual HTTP connection.
Any suggestions welcome!
Comments (1)
It is possible, but that is a breach of SSL security, so you won't find a feature for this in white-hat software.
SSLStrip can proxy HTTPS to HTTP and transform links and redirects on the fly.
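Added example, not part of the original question or answer: a small Python model of what a forward proxy can read in each case, showing why `RequestHeader set Cookie` takes effect on plain HTTP but has nothing to act on once mod_proxy_connect opens a CONNECT tunnel. The function names and all sample bytes are constructed for illustration.

```python
# Added example: what a forward proxy can read and rewrite.
# All byte strings are constructed sample traffic, not captured data.

PLAIN_HTTP = (b"GET http://example.com/ HTTP/1.1\r\n"
              b"Host: example.com\r\nCookie: old=1\r\n\r\n")
CONNECT = b"CONNECT example.com:443 HTTP/1.1\r\nHost: example.com:443\r\n\r\n"
# First bytes inside the tunnel: a TLS record header (type 0x16 = handshake,
# version 0x03 0x01, length 5) followed by filler standing in for a ClientHello.
TUNNEL_BYTES = bytes([0x16, 0x03, 0x01, 0x00, 0x05]) + b"\x01\x00\x00\x01\x00"


def set_cookie_header(request: bytes, cookie: str) -> bytes:
    """Do to a plaintext request head what `RequestHeader set Cookie` does."""
    head, sep, body = request.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    kept = [lines[0]] + [h for h in lines[1:]
                         if not h.lower().startswith(b"cookie:")]
    kept.append(b"Cookie: " + cookie.encode("ascii"))
    return b"\r\n".join(kept) + sep + body


def looks_like_tls(data: bytes) -> bool:
    """True if data starts with a TLS handshake record header."""
    return len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03


def forward_proxy(request: bytes, tunnel_data: bytes = b"",
                  cookie: str = "mycookie=1234"):
    """Return (mode, target_or_None, bytes the proxy sends upstream)."""
    method, target = request.split(b" ", 2)[:2]
    if method != b"CONNECT":
        # Plain HTTP: the whole request head is readable, so it can be edited.
        return "http", None, set_cookie_header(request, cookie)
    # CONNECT: the proxy learns only host:port, then relays bytes untouched.
    # The HTTP headers travel inside the encrypted records, out of its reach.
    mode = "tls-tunnel" if looks_like_tls(tunnel_data) else "tunnel"
    return mode, target.decode("ascii"), tunnel_data


if __name__ == "__main__":
    print(forward_proxy(PLAIN_HTTP))
    print(forward_proxy(CONNECT, TUNNEL_BYTES))
```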