Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

com.googlecode.httpliar:httpliar

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

com.googlecode.httpliar:httpliar

HttpLiar - Java Http Proxy

  • 1.0.3
  • Source
  • Maven
  • Socket score
Version published
Maintainers
1
Source

Http Liar(说谎者)

Logo iar

简介

Http Liar 项目是基于HTTP Proxy工作模式的一款HTTP协议拦截、篡改工具,可以基于这个工具进行针对网页的实时修改。代理性能并不是这个工具的强项,相反Http Liar对HTML、CSS、JavaScript、JSON等文本块的识别和加载以及对HTTP的解压缩行为会让网页的性能有所降低。不建议使用在性能要求非常高的场景。

特性

  • HTTP请求/应答头篡改
  • HTTP应答数据解析和篡改
  • 解压数据(gzip/inflate)
  • 二进制数据支持
  • 文本数据支持
  • 数据篡改
  • 字符编码识别
  • HTML DOM操作
  • CSS/JavaScript/JSON 文本替换

数据流转

HttpLiar是基于HttpProxy的工作模式,所以数据流转中也承担着承上启下的环节。 Logo

内部原理

HTTP的应答会在压缩之后拆分成多个Chunked的方式进行传递,作为一个Proxy如果不需要关注内部数据只需要将流经的数据包最快的传走即可。但对于HttpLiar而言我们需要了解和修改应答的数据,所以HttpLiar需要对流经的数据像浏览器进行整合处理。这也是HttpLiar为什么性能提升不上来的原因。

Logo

对于应答所返回的数据,HttpLiar抽象成了DataBlock(二进制块)。 Logo

独立运行

作为独立的HttpProxy进行部署

./java -jar httpliar-jar-with-dependencies.jar

内嵌运行

作为内嵌应用,HttpLiar已经上传到Maven中心仓库 在pom.xml中添加

<dependency>
  <groupId>com.googlecode.httpliar</groupId>
  <artifactId>httpliar</artifactId>
  <version>1.0.1</version>
</dependency>

编写Java代码

public static void main(String[] args) throws Exception {
	
	final Configer configer = getConfiger(args);

	@SuppressWarnings("unchecked")
	final HttpLiarServer server = new HttpLiarServer(configer);
	
	JvmUtils.registShutdownHook("httpliar-shutdown", new ShutdownHook(){

		@Override
		public void shutdown() throws Throwable {
			server.stopProxy();
		}
		
	});
	
	server.startProxy();
	
}

FAQs

Package last updated on 26 Feb 2013

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Risky Business Podcast: Why Open Source Software Needs Better Malware Tracking

Security News

Risky Business Podcast: Why Open Source Software Needs Better Malware Tracking

In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.

By Sarah Gooding  -  Nov 20, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc