Dec 27, 2020
README
httpsproxy
httpsproxy is a Go
library provides an http serve mux that can work as an HTTPS proxy for a site
with self-signed https certificate.
Why?
The main user of this library is
blynk-proxy,
please refer to its
README
for more information.
This library is moved out of blynk-proxy project because I believe others
facing similar situation could benefit from it.
Example
Please refer to pkg.go.dev example or blynk-proxy code.
License
Documentation
Overview ¶
Package httpsproxy provides an http serve mux that can work as an HTTPS proxy for a site with self-signed https certificate.
The main user of this library is blynk-proxy, please refer to that project for context and examples: https://github.com/fishy/blynk-proxy
Index ¶
- func CheckError(logger *log.Logger, w http.ResponseWriter, err error) bool
- func CopyRequestHeaders(from, to *http.Request, headers []string)
- func DefaultHTTPClient(certPool *x509.CertPool, timeout time.Duration, ...) *http.Client
- func Mux(client *http.Client, targetURL, selfURL *url.URL, logger *log.Logger) *http.ServeMux
- func NewCertPool(pemCerts ...string) (certPool *x509.CertPool, failedCerts []string, sysCertPoolErr error)
- func NoRedirCheckRedirectFunc(*http.Request, []*http.Request) error
- func ProxyRootHandler(client *http.Client, targetURL, selfURL *url.URL, logger *log.Logger) func(w http.ResponseWriter, r *http.Request)
- func RewriteURL(logger *log.Logger, origURL, targetHost string, selfURL *url.URL) string
Examples ¶
Constants ¶
Variables ¶
Functions ¶
func CheckError ¶
CheckError checks error. If error is non-nil, it writes HTTP status code 502 (bad gateway) and the error message to the response and returns true.
func CopyRequestHeaders ¶
CopyRequestHeaders copies specified headers from one http.Request to another.
func DefaultHTTPClient ¶
func DefaultHTTPClient( certPool *x509.CertPool, timeout time.Duration, checkRedirectFunc func(*http.Request, []*http.Request) error, ) *http.Client
DefaultHTTPClient returns an http client that can be used in Mux function with:
certPool: the x509 cert pool to trust.
timeout: the http timeout.
checkRedirectFunc: the function to handle 3xx redirects, could be nil which means default behavior.
func Mux ¶
Mux creates an http serve mux to do the proxy job.
The returned mux contains a single handler for "/" to the handler generated by ProxyRootHandler to do the proxy. You can add your own handlers to handle cases like health check.
Refer to the doc of ProxyRootHandler for the more detailed explanations of the args.
func NewCertPool ¶
func NewCertPool(pemCerts ...string) ( certPool *x509.CertPool, failedCerts []string, sysCertPoolErr error, )
NewCertPool creates a new cert pool.
It tries to get the system cert pool first, then append new pemCerts into the pool.
Any new certs failed to append to the pool will be returned via failedCerts.
If for any reason it's unable to get the system cert pool, the error will be returned by sysCertPoolErr and the returned certPool will only have successfully added new certs.
func NoRedirCheckRedirectFunc ¶
NoRedirCheckRedirectFunc is a CheckRedirect function implemention can be used in http.Client. It does not follow any redirections.
func ProxyRootHandler ¶
func ProxyRootHandler( client *http.Client, targetURL, selfURL *url.URL, logger *log.Logger, ) func(w http.ResponseWriter, r *http.Request)
ProxyRootHandler generates the http handler function to be used to serve root ("/") in http mux.
client is the http client to use. You can either use DefaultHTTPClient function to get a default implementation, or refer to its code to create your own. You migh also find go.yhsif.com/badcerts package useful when creating your own client.
targetURL is the target URL this mux proxies to. Only its scheme and host will be used.
selfURL is for 3xx redirect rewrite. It could be nil, which means this mux won't rewrite any 3xx responses.
logger is the logger to log errors. It could be nil, which means no errors will be logged.
Source Files
Valid 
Stable version