How to set whitelist url not proxy by hudsucker ?

Question

How to set whitelist url not proxy by hudsucker ?

songjiachao opened this issue 10 months ago · 10 comments

whitelist or blacklist config for hudsucker

Answer 1 · 2024-05-23T11:16:00.000Z

The should_intercept method of the HttpHandler trait can be used to determine whether a CONNECT request should be intercepted. Most applications will also allow you to bypass a configured proxy for certain domains using a no_proxy setting.

Answer 2 · 2024-06-03T09:50:48.000Z

I add should_intercept config like *.gamecenter.com ， I just can visit www.gamecenter.com. I visit other website, got the error

Answer 3 · 2024-06-03T12:05:14.000Z

Could you please share your implementation of should_intercept?

Answer 4 · 2024-06-03T12:05:33.000Z

Also, are you able to visit those websites when not using the proxy?

Answer 5 · 2024-06-04T11:21:15.000Z

  fn should_intercept(&mut self, _ctx: &HttpContext, req: &Request<Body>) -> impl Future<Output = bool> + Send {
    let config = get_config();
    let white_domain_list = config.proxy.white_domain_list;
    let black_domain_list = config.proxy.black_domain_list;
    let authority = req.uri().authority().unwrap().to_string();
    let host = authority.split(':').next().unwrap_or(authority.as_str());

    // 优先白名单
    let flag = if !white_domain_list.is_empty() {
      let mut builder = GlobSetBuilder::new();
      white_domain_list.split(";").for_each(|domain| {
        if let Ok(domain) = Glob::new(domain) {
          builder.add(domain);
        } else {
          error!("White domain list parse error: {}", domain);
        }
      });
      match builder.build() {
        Ok(set) => set.is_match(host),
        Err(_) => true,
      }
    } else if !black_domain_list.is_empty() {
      let mut builder = GlobSetBuilder::new();
      black_domain_list.split(";").for_each(|domain| {
        if let Ok(domain) = Glob::new(domain) {
          builder.add(domain);
        } else {
          error!("Black domain list parse error: {}", domain);
        }
      });
      match builder.build() {
        Ok(set) => !set.is_match(host),
        Err(_) => true,
      }
    } else {
      true
    };
    async move { flag }
  }
}

Answer 6 · 2024-06-04T11:25:54.000Z

I set the whitelist "*.vmic.xyz" ,means that only *.vmic.xyz should_intercept return true, other website return false. I just can visit xxx.vmic,xyz. Ohter website got the error
[2024-06-04][11:19:55][ERROR][mitm::proxy::internal] HTTPS connect error: connection error, www.google.com:443

I delete the white_domain_list config and set all the website should_intercept return true . can visit

Answer 7 · 2024-06-13T09:49:03.000Z

May be this code
Just Reford the req without do anything.Got the error :Failed to tunnel to filters.adtidy.org:443: Connection reset by peer (os error 54)

let mut server = match TcpStream::connect(authority.as_ref()).await {
        Ok(server) => server,
        Err(e) => {
            error!("Failed to connect to: {}, {}", e, req.uri());
            return;
        }
    };

    if let Err(e) =
        tokio::io::copy_bidirectional(&mut upgraded, &mut server).await
    {
        error!("Failed to tunnel to {}: {}", authority, e);
    }

Answer 8 · 2024-06-13T12:59:23.000Z

Could you try just returning false from should_intercept? Could you also share your handle_request implementation?

Answer 9 · 2024-06-14T11:06:05.000Z

Could you try just returning false from should_intercept? YES, you can try it.

Answer 10 · 2024-06-14T11:47:52.000Z

Could you try just returning false from should_intercept? YES, you can try it.

The reason I am asking is because when I return false from should_intercept it works as expected. So I am trying to figure out if there is something going on with your setup that could be causing the issue, but want to try and eliminate as many variables as possible.