HTTP/HTTPS anonymizer script

[alimakki]

Suggested by @const-v in HTTP/HTTPS anonymizer script #1029:

Can you add an anonymizer script to streisand? For simple and urgent access to sites, without installing software. For example, like Glype.

[cpu]

In general I feel like this is a pretty niche use-case (if others are interested they should speak up). It will increase the attack surface of a Streisand instance and I think the project is generally focused on persistent VPN connections.

I'm also nervous about the way this feature request is being presented. These scripts don't offer anonymity. No VPNs offer meaningful anonymity. Please use Tor if you require anonymity. Unfortunately this does require installing software. There's no way around that.

[nickolasclarke]

given that @const-v is probably attempting to connect from Mainland china, I suspect their main concern is simply bypassing the GFW as quickly as easily as possible. With that in mind and at the risk of putting words in someone's mouth, I also would suspect the word "anonymizer" is not quite what they meant either.

I can see a use case for being able to get around GFW without need for installing a client of some sort, such as at a device other than your own, even if performance is not great. There has been many a time I've been completely out of luck to access something from a 3rd party device. This is especially true given the reality of the new censorship of VPN apps in the iOS store. Not sure Glype is the right choice if we were to incorporate such a feature though.

[const-v]

I'm from Russia, there are a lot of blockages of political and pirate sites. Anonymizer, this is the most accessible way to access the site, if the computer or smartphone does not have rights to install applications.

Sorry for Google translator.

[cpu]

@const-v @nickolasclarke Interesting perspectives. Thanks for sharing! Perhaps an optional and disabled-by-default role would be appropriate if there is more demand.

My own feeling is that for the short term our limited resources might be better focused on making sure the first party "always-on" features work reliably before moving on to 3rd party devices/software-free access.

[nickolasclarke]

Agreed. If there is a good, well supported project that would create such a type of proxy with the desired front end, than I think its something we can consider. I don't know anything off the top of my head that has that all packaged up nice for us.

[const-v]

I added a script-anonymizer with my server Sreisand. If interested, I can make a copy of the instance and give its address, evaluate the functionality. I'm not a sysadmin or a programmer, so it could lower the security of my server, but it's convenient to use.

SFGT

[nickolasclarke]

@const-v did you use glype to do so? Or another project?

[const-v]

The Glype site does not work, I put the first anonymizer that I could find in Google. Here is a Russian site from which I downloaded it: http://avcore.ru/php-proxy-script. I do not know who wrote it, but it works well.

SFGT