3.2.2. Procedure – Using sed in one-sided HTTPS
Purpose:
If a server application does not support secure connections, or uses absolute links and this behavior cannot be modified, Application-level Gateway can change the URLs in the traffic. This can be accomplished by stacking a sed (stream editor) Linux command (or if needed, a complete shell script) into the proxy.
Steps:
Navigate to
, and select the HTTP proxy configured to handle one-sided SSL connections, or create a new one (for example,HttpSedProxy
).Add
self.response_stack
attribute to the panel, then click . (You need theself.response_stack
attribute, because the response of the server has to be changed.)Click
, then enter*
.Select the
column, then selecttype_http_stk_data
.Click
, select the row containing , then click again.Select
, and enter the command to be executed:sed -e 's|http://|https://|g'
For details on the sed command, see the sed manual pages.
Note The example sed command modifies all absolute links that appear in the traffic, that is, even links pointing to an external site will be modified. If possible, use at least the full domain name of the server in the sed command to avoid this problem (for example,
sed -e 's|http://www.example.com/|https://www.example.com|g'
). Be as specific as possible.Python:
self.response_stack["*"]=(HTTP_STK_DATA, (Z_STACK_PROGRAM, "sed -e 's|http://|https://|g'"))
Create a service that will use this new proxy (for example,
HttpSedProxy
).
Published on June 04, 2020
© 2007-2019 BalaSys
Send your comments to support@balasys.hu