droe / sslsplit

Transparent SSL/TLS interception
https://www.roe.ch/SSLsplit
BSD 2-Clause "Simplified" License

Add HTTP content filtering #277

Closed 0x501D closed 1 year ago

0x501D commented 3 years ago

This feature adds the possibility of HTTP content filtering. It uses the JSON format for the configuration file. The user can pass or drop URLs, methods and content types (for responses only). Example of configuration:

{
  "rules": [
  {
    "id": "1",
    "action": "pass",
    "method": [],
    "url": ["one.examaple.com/*"],
    "content" : ["text/*"]
  },
  {
    "id": "2",
    "action": "pass",
    "method": [],
    "url": ["two.example.com/*"],
    "content" : []
  }
  ],
  "default_action": "drop",
  "http_deny_tmpl": "<h2>%s</h2>"
}

When the rules block something, sslsplit generates an HTTP response with the reason for blocking, and uses the HTML template from the http_deny_tmpl parameter for it.
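How a configuration of this shape could be evaluated, as an added example that is not part of the PR or of sslsplit's code; `evaluate`, `deny_page` and `_matches` are hypothetical names. It assumes that the first matching rule wins, that an empty list places no constraint on its field, and that URL and content patterns are shell-style globs matched against host plus path; HTML-escaping the reason before it enters the template is an added precaution, not something the PR describes.

```python
import fnmatch
import html
import json

# The configuration exactly as posted in the PR description.
CONFIG = json.loads(r'''
{
  "rules": [
    {"id": "1", "action": "pass", "method": [],
     "url": ["one.examaple.com/*"], "content": ["text/*"]},
    {"id": "2", "action": "pass", "method": [],
     "url": ["two.example.com/*"], "content": []}
  ],
  "default_action": "drop",
  "http_deny_tmpl": "<h2>%s</h2>"
}
''')


def _matches(patterns, value):
    # Assumption: an empty list means "no constraint on this field".
    return not patterns or any(fnmatch.fnmatchcase(value, p) for p in patterns)


def evaluate(cfg, method, url, content_type=None):
    """Return (action, rule_id); content_type=None means request phase."""
    for rule in cfg["rules"]:  # Assumption: first matching rule wins.
        if not _matches(rule["method"], method):
            continue
        if not _matches(rule["url"], url):
            continue
        # Content types are checked for responses only, as the PR states.
        if content_type is not None:
            mime = content_type.split(";")[0].strip().lower()
            if not _matches(rule["content"], mime):
                continue
        return rule["action"], rule["id"]
    # Nothing matched: fall back to the configured default.
    return cfg["default_action"], None


def deny_page(cfg, reason):
    # Escape the reason so request-derived text cannot inject markup
    # into the block page rendered from http_deny_tmpl.
    return cfg["http_deny_tmpl"] % html.escape(reason)
```

With `default_action` set to `drop`, any host not covered by a pattern is blocked, including a host that differs from a pattern by a single character.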

sonertari commented 3 years ago

It's @droe who should review this pr, not me. Sorry.

sonertari commented 1 year ago

Another reason that I couldn't review your pr is that I divert HTTP traffic to the E2Guardian web filter on my UTMFW project using SSLproxy. In fact, I have developed SSLproxy especially for HTTP/s content filtering (and for POP3/s and SMTP/s, or perhaps others).