SimonAlling
commented
4 years ago Ooh, that's such an interesting idea! :+1:
I'm not sure how feasible it would be in practice. Userscript Proxy is tightly integrated with mitmproxy, which does all the heavy lifting (including TLS interception and custom CA certificate generation). Both are written in Python, and my very spontaneous guess would be that you'd have a hard time trying to get it to run on Android. And that's without even mentioning battery consumption issues and all those things that would probably make it an absolute PITA for everyday use.
What I do today is I use OpenVPN with a somewhat intricate configuration to connect securely to my proxy when I'm not at home. This works on both iOS and Android, but I haven't documented it anywhere. Creating such documentation would very likely yield much more value per hour spent than trying to get Userscript Proxy to run on Android.
What I would like to do is setup Userscript Proxy with secure authentication, so that it can be exposed to the Internet and connected to from outside one's LAN, without VPN. I think such a solution would have to use HTTP Digest Access Authentication. I have submitted an issue suggesting that mitmproxy implement it, but I don't expect that to happen too soon because I don't think it aligns very well with mitmproxy's intended/primary use cases.
I have also experimented with setting up Userscript Proxy behind another proxy that does support HTTP DAA. I have a working proof of concept, but there are some question marks left. In particular, I'm not (yet) confident enough in the security of HTTP DAA to use it for this purpose. Keep in mind that any security flaw would mean anyone could use one's Internet connection for, like, anything.
So, to summarize, I think the idea suggested in this issue is likely not feasible, but work is being done that may result in a solution that I think will be at least as useful. :slightly_smiling_face:
diegodlh
This is a great idea!
Firefox for Android was one of the few mobile browsers which supported extensions (including Greasemonkey) but the new version has significantly reduced extension support to just a few "recommended" ones.
Having Firefox's (and other browsers') traffic go through this proxy would be a great alternative to the Greasemonkey extension. However, ideally the proxy should be able to run locally, on the Android device itself.
I have been looking around, but I haven't been able to find much. The closest matches seem to be SandroProxy (which is anyway outdated), and "Proxy Server", neither of which seems to be able to inject userscripts.
Do you know if it would be possible to have your server run as an Android app? Do you know if anyone has tried already? Ideally, it shouldn't require root access, to make it available to most people.
Thanks!