omjadas / hudsucker

Intercepting HTTP/S proxy
https://crates.io/crates/hudsucker
Apache License 2.0
206 stars, 35 forks

MITMing HTTPS requests #41

Closed scd31 closed 1 year ago

scd31 commented 1 year ago

Is there an example for MITMing HTTPS requests without ever hitting the original web server? If I just create a new response in the handle_request I get a generic "connection closed" error. I did a bit of digging through your code and I tried returning an empty response for CONNECT requests but that also didn't help. I'm assuming I'm missing something simple.

Thanks!

omjadas commented 1 year ago

In most cases, you will just want to return the original CONNECT request from the handle_request function so that the library will create the TLS connection for you. If you do that you should be able to return custom responses for the subsequent HTTPS requests.

```rust
async fn handle_request(
    &mut self,
    _ctx: &HttpContext,
    req: Request<Body>,
) -> RequestOrResponse {
    // Hand the CONNECT request back unchanged so the library creates
    // the TLS connection for you.
    if req.method() == Method::CONNECT {
        return RequestOrResponse::Request(req);
    }

    // Create custom response
    let res = Response::new(Body::empty());

    RequestOrResponse::Response(res)
}
```

scd31 commented 1 year ago

For my use-case I can't make any connections to the original server. I will be using the proxy and a web browser on a computer with no Internet connection. Is there a way I can make this work?

omjadas commented 1 year ago

No connection to the original server is made when you return the CONNECT request from handle_request. The library handles the CONNECT itself and opens up a TLS connection between the client and the proxy.

scd31 commented 1 year ago

Oh, awesome. That works perfectly then! Thank you!
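
An added example, not part of the thread and not hudsucker's own code: a std-only Rust model of the handler logic omjadas describes, where CONNECT is handed back and every later request is answered from a local table, so nothing is forwarded upstream. `Req`, `Resp`, `Outcome` and `Offline` are hypothetical stand-ins for hyper's request/response types and hudsucker's `RequestOrResponse`; the host names and bodies are constructed samples.

```rust
use std::collections::HashMap;

// Hypothetical stand-ins for hyper's Request/Response and hudsucker's
// RequestOrResponse, so the example builds with the standard library only.
#[derive(Debug, PartialEq)]
pub struct Req { pub method: String, pub host: String, pub path: String }
#[derive(Debug, PartialEq)]
pub struct Resp { pub status: u16, pub body: String }
#[derive(Debug, PartialEq)]
pub enum Outcome { Forward(Req), Respond(Resp) }

/// Canned bodies keyed by (host, path).
pub struct Offline { canned: HashMap<(String, String), String> }

impl Offline {
    pub fn new(entries: &[(&str, &str, &str)]) -> Self {
        let canned = entries.iter()
            .map(|(h, p, b)| ((h.to_string(), p.to_string()), b.to_string()))
            .collect();
        Offline { canned }
    }

    pub fn handle_request(&self, req: Req) -> Outcome {
        // CONNECT is handed back unchanged: the proxy layer answers it and
        // sets up TLS with the client, as described in the thread.
        if req.method == "CONNECT" {
            return Outcome::Forward(req);
        }
        // Normalise the lookup key: host names are case-insensitive, the
        // default HTTPS port is optional, and the query string is ignored.
        let host = req.host.to_ascii_lowercase();
        let host = host.strip_suffix(":443").unwrap_or(&host).to_string();
        let path = req.path.split('?').next().unwrap_or("/").to_string();
        // Everything else is answered locally; an unmapped URL gets an
        // explicit 404 rather than being forwarded to an unreachable server.
        let resp = match self.canned.get(&(host, path)) {
            Some(body) => Resp { status: 200, body: body.clone() },
            None => Resp { status: 404, body: "no canned response".to_string() },
        };
        Outcome::Respond(resp)
    }
}

fn main() {
    let proxy = Offline::new(&[("app.example.test", "/health", "ok")]);
    let req = |m: &str, h: &str, p: &str| Req { method: m.into(), host: h.into(), path: p.into() };
    println!("{:?}", proxy.handle_request(req("CONNECT", "app.example.test:443", "")));
    println!("{:?}", proxy.handle_request(req("GET", "App.Example.Test:443", "/health?x=1")));
    println!("{:?}", proxy.handle_request(req("GET", "other.example.test", "/")));
}
```

In a real handler the same branch structure sits inside `handle_request`, with `Outcome::Forward` and `Outcome::Respond` corresponding to the `RequestOrResponse::Request` and `RequestOrResponse::Response` variants shown in the thread.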