Selective HTTPS proxy for web browsers

Andrew Dolgov 1b6f0cd3e0 minor css fix 5 months ago
img 68a1c9814a add icons; ping check the proxy before setting 3 years ago
lib 248924f06f upd jquery 1 year ago
.eslintrc.js e1dcfd2e97 eslint 7 months ago
.gitignore faa67e3e26 initial work for jquery/codemirror; remove stock whitelist 1 year ago
Makefile 6a313465ca makefile 8 months ago
README.md 80d0a015b9 Update 'README.md' 11 months ago
background.js 9804235dff fixes for new, yet another proxy API implementation in firefox 11 months ago
common.js 9804235dff fixes for new, yet another proxy API implementation in firefox 11 months ago
manifest.json 1b6f0cd3e0 minor css fix 5 months ago
options.html 1b6f0cd3e0 minor css fix 5 months ago
options.js 24c1bf216f tiny change for jquery 3 1 year ago

README.md

Selective HTTPS proxy for Chrome/Firefox

Ensures connectivity for otherwise blocked websites by routing user-specified domains (optionally including subdomains) via a secure proxy.

Typically used with squid (ssl + basic auth) and nginx (should respond to /ping on proxy host:443 if proxy credentials are correct) - /ping is used to check connectivity.

You can use a different proxy and/or https server as long as it responds to extension as outlined below.

Squid example

sslproxy_cipher EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS

https_port 8443 generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=... key=... dhparams=... options=NO_SSLv3

auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/users
auth_param basic realm proxy

...

acl authenticated proxy_auth REQUIRED

http_access deny CONNECT !SSL_ports
http_access deny !authenticated
http_access allow authenticated
http_access deny all

Your distro might ship Squid built without SSL support. In this case, you will need to rebuild it or obtain a different pre-built package.

Nginx example (for ping)

location /ping {
	auth_basic sample;
	auth_basic_user_file /etc/squid/users;

	try_files DUMMY @return200;
}

location @return200 {
	return 200 'pong';
}

License

GPLv3.