humungus - miniwebproxy

overview - files - changes - changes rss

miniwebproxy - proxy to the miniweb

-- features

Intercepts CONNECT (https) requests.

Parses HTML responses and rewrites a simplified light weight version.

Rewrite rules are written in lua using standard CSS selectors.

Rewrite engine handles some common special cases like github and twitter embeds.

Filter rules loaded on the fly for easy reconfiguration.

Refer to manual.txt for more.

-- requirements

github.com/andybalholm/cascadia
github.com/yuin/gopher-lua
golang.org/x/net

A certificate and key named intercept.crt and intercept.key. Browsers will
need to trust the cert. A sign.sh script is provided for assistance.

-- setup

sh sign.sh

./miniwebproxy

-- security

The go TLS code is well regarded, but hasn't been as thoroughly examined as
alternatives. It may even be an improvement over the browser.

Be mindful not to lose control of the interception key.

It's possible to not intercept traffic for some sites, to mitigate the
consequences of proxy machine compromise. This works best with name
constrained certs.

-- caveats

The article CSS selector is fairly basic. It may require some tuning,
which isn't particularly difficult, just a matter of time and effort.
Tweak the lua code to suit your needs.

Voluminous but useless logging.

-- enhancements

Some custom rules for different sites would allow rewriting homepages as well.
Probably requires a few more functions to be exposed to lua.

Online configuration to allow clients to opt in and out of filtering.

recent changes