Transparent (redirecting) proxy with BaseHTTPServer
aurora
aurora00 at gmail.com
Thu Jan 27 16:28:54 EST 2005
If you actually want the IP, resolve the host header would give you that.
In the redirect case you should get a host header like
Host: www.python.org
From that you can reconstruct the original URL as
http://www.python.org/ftp/python/contrib/. With that you can open it using
urllib and proxy the data to the client.
The second form of HTTP request without the host part is for compatability
of pre-HTTP/1.1 standard. All modern web browser should send the Host
header.
> Hi list,
>
> My ultimate goal is to have a small HTTP proxy which is able to show a
> message specific to clients name/ip/status then handle the original
> request normally either by redirecting the client, or acting as a proxy.
>
> I started with a modified[1] version of TinyHTTPProxy postet by Suzuki
> Hisao somewhere in 2003 to this list and tried to extend it to my needs.
> It works quite well if I configure my client to use it, but using
> iptables REDIRECT feature to point the clients transparently to the
> proxy caused some issues.
>
> Precisely, the "self.path" member variable of baseHTTPRequestHandler is
> missing the <command> and the host (i.e www.python.org) part of the
> request line for REDIRECTed connections:
>
> without iptables REDIRECT:
> self.path -> GET http://www.python.org/ftp/python/contrib/ HTTP/1.1
>
> with REDIRECT:
> self.path -> GET /ftp/python/contrib/ HTTP/1.1
>
> I asked about this on the squid mailing list and was told this is normal
> and I have to reconstuct the request line from the real destination IP,
> the URL-path and the Host header (if any). If the Host header is sent
> it's an (unsafe) nobrainer, but I cannot for the life of me figure out
> where to get the "real destination IP". Any ideas?
>
> thanks
> Paul
>
> [1] HTTP Debugging Proxy
> Modified by Xavier Defrang (http://defrang.com/)
More information about the Python-list
mailing list