https代理 [英] https proxy
问题描述
有没有人知道一个工作(python)https代理,它允许查看从我的浏览器发送到https网站的未加密数据?
http:http:// rel=\"nofollow\" href=\"http://xhaus.com/alan/python/proxies.html\" target=\"_blank\"> http ://xhaus.com/alan/python/proxies.html ,但许多人声称支持
https,如果您实际上将浏览器指向代理,那么它们可以正常工作
http,但不适用于https页面。
TIA
Paul Sweeney
Does anyone know of a working (python) https proxy which allows viewing of
unencrypted data being sent from my browser to an https site?
I''ve worked my way through most on the list at
http://xhaus.com/alan/python/proxies.html, but while many claim to support
https, if you actually point your browser at the proxies, they work fine for
http, but not for https pages.
TIA
Paul Sweeney
推荐答案
Paul Sweeney写道:
Paul Sweeney wrote:
有没有人知道一个工作(python)https代理,它允许查看从我发送的未加密数据浏览器到https网站?
Does anyone know of a working (python) https proxy which allows viewing of
unencrypted data being sent from my browser to an https site?
嗯,我认为使用https的_purpose_是为了使它相对无法查看未加密的数据作为男人他中间的..
hmm, I thought the _purpose_ of using https was to make it relatively
impossible to view the unencrypted data being the "man in the middle"..
Simon Dahlbacka写道:
Simon Dahlbacka wrote:
嗯,我认为使用https的_purpose_是为了使它相对
不可能将未加密的数据视为中间的人..
hmm, I thought the _purpose_ of using https was to make it relatively
impossible to view the unencrypted data being the "man in the middle"..
这当然不是不可能的,有像Paros这样的工具用于java
作业,浏览器与代理建立http连接(使用
代理'的内置证书),然后代理设置https
与目标服务器的连接,但在重新加密以发送到目标服务器之前,数据在
代理中未加密。
什么(几乎)不可能是拦截并做一个中间人对现有连接的
攻击。我不想拦截网上的东西,
看看我机器上的浏览器发送/接收的内容
HTH: - )
It''s certainly not impossible, there are tools like Paros for java which do
the job, the browser sets up an http connection with the proxy (using the
proxy''s built in certificate), and the proxy then sets up an https
connection with the destination server, but the data is unencrypted in the
proxy before being re-encrypted to send to the destination server.
What is (virtually) impossible is to intercept and do a "man in the middle"
attack on an existing connect. I don''t want to intercept stuff on the net,
just see what the browser on my machine is sending/receiving
HTH :-)
Paul Sweeney写道:
Paul Sweeney wrote:
Simon Dahlbacka写道:
Simon Dahlbacka wrote:
嗯,我想使用https的_purpose_使得相对无法查看未加密的数据是中间的人..
hmm, I thought the _purpose_ of using https was to make it relatively
impossible to view the unencrypted data being the "man in the middle"..
这当然不是不可能的,有像Paros这样的工具用于工作,浏览器与代理建立http连接(使用
代理'的内置证书),然后代理设置https
与目标服务器的连接,但在重新加密以发送到目标服务器之前,数据在
代理中未加密。
什么(几乎)不可能是拦截并做一个中间人攻击一个存在的人g连接。我不想拦截网上的东西,
只是看看我的机器上的浏览器发送/接收的内容
It''s certainly not impossible, there are tools like Paros for java which do
the job, the browser sets up an http connection with the proxy (using the
proxy''s built in certificate), and the proxy then sets up an https
connection with the destination server, but the data is unencrypted in the
proxy before being re-encrypted to send to the destination server.
What is (virtually) impossible is to intercept and do a "man in the middle"
attack on an existing connect. I don''t want to intercept stuff on the net,
just see what the browser on my machine is sending/receiving
这听起来像你想要的要么看到原始数据流(
加密的东西),要么你想看到如果它没有使用浏览器将发送的未加密数据
HTTPS。它的价格还不清楚。如果是后者,为什么不使用Paros,因为你似乎已经了解它以及它是如何工作的?
(你的请求不清楚的原因是因为你的第一条消息
谈到看到未加密的数据从[你的]
浏览器发送到https网站,但显然,正如你所知,那里有/>
没有未加密的数据进入https网站......但是既然你已经知道了这一点,那么就不清楚你是哪一个
请求。)
-Peter
It sounds like you want either to see the raw data stream (the
encrypted stuff), or you want to see the unencrypted data that
the browser would be sending if it weren''t using https. It''s
still unclear. If the latter, why not use Paros, since you seem
to know about it and how it works?
(The reason your request is unclear is because your first message
talks about seeing the "unencrypted data being sent from [your]
browser to an https site" and yet obviously, as you know, there
is no unencrypted data going to the https site... But since you
certainly know this, it makes it unclear just which you are
requesting.)
-Peter
这篇关于https代理的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
