Skip to content

Releases: madeye/https_proxy

v0.3.0

13 Mar 03:53
@madeye madeye
v0.3.0
47fb46c

Choose a tag to compare

View all tags
v0.3.0 Latest
Latest

What's New

Bug Fix: HTTP/2 Stealth Mode

Fixed a critical stealth mode bug where direct visitors using HTTP/2 (the default for modern browsers and curl over TLS) received a 407 Proxy Authentication Required response instead of the expected fake nginx 404 Not Found page.

Root cause: In HTTP/2, the :authority pseudo-header is always present on every request. The proxy detection logic (is_proxy_request) used uri().authority().is_some() to identify proxy requests, which incorrectly matched all HTTP/2 traffic — including direct visitors and port scanners.

Fix: For HTTP/2, only CONNECT requests (extended CONNECT per RFC 8441) are treated as proxy requests. The absolute-URI authority check now only applies to HTTP/1.x, where it correctly distinguishes proxy requests from regular requests.

New Tests

  • curl stealth tests — Verify direct requests get 404 over both HTTP/1.1 and HTTP/2 (default)
  • Chrome stealth tests — Verify headless Chrome direct visits get the fake nginx 404 page, including subpath requests

Other Changes

  • Updated cross-compilation docs to use Docker (rust:latest image) instead of cargo-zigbuild
  • Added Open Graph and Twitter Card meta tags to landing page
  • Renamed package references from https-proxy to https_proxy
  • Added sensitive files (config, keys, .env) to .gitignore

Downloads

  • https_proxy-linux-amd64 — Linux x86_64 release binary (dynamically linked, stripped, LTO)

Full Changelog

v0.2.0...v0.3.0

Assets 4
Loading

v0.2.0

12 Mar 09:50
@madeye madeye
v0.2.0
c495802

Choose a tag to compare

View all tags
v0.2.0

What's Changed

  • Fix HTTP/2 CONNECT tunneling for Chrome/browser compatibility
  • Return 407 Proxy-Authenticate for proxy requests with missing auth (enables Chrome credential prompt)
  • Non-proxy traffic still gets stealth nginx 404
  • Add integration test suite (stealth, auth, CONNECT, forward, header stripping, curl, Chrome)
  • Add Chrome CI test job

Full Changelog: v0.1.0...v0.2.0

Loading

v0.1.0

12 Mar 04:05
@madeye madeye
v0.1.0
e40f2e5

Choose a tag to compare

View all tags
v0.1.0

Initial release of https_proxy — a stealth HTTPS forward proxy.

Highlights

  • Automatic TLS via Let's Encrypt (TLS-ALPN-01)
  • Stealth mode: fake nginx 404 for unauthorized/non-proxy requests
  • CONNECT tunneling and HTTP forwarding
  • Multi-user basic auth
  • Interactive TUI setup wizard

Assets

  • https_proxy-v0.1.0-darwin-arm64.zip — macOS ARM64 binary
Loading