Atitit. HTTP proxy principle Atihttpproxy big Trojan Horse

Atitit. HTTP proxy principle atihttpproxy Big Trojan Horse

1 . This diagram clearly illustrates how the Httpproxy is implemented: 1

2 . Proxy Server Usage 1

3 . The process is as follows: 2

4 . Design Planning 3

5 . Concluding remarks 4

1. This diagram clearly illustrates how the Httpproxy is implemented:

2. Proxy Server Usage

Proxy servers are seen as a way to extend browser functionality. For example, you can compress data with a proxy server before sending the data to the browser

Debugger

Data Collector

Trojan virus

3. The process is as follows:

1, the client sends HttpRequest (GET/POST) through the browser to the proxy server;
2, the proxy server reads the request header, extracts the request specific target server host and port;
3, the proxy server sends the request hair to the target server;
4. The proxy server establishes a pipeline for the client and the target server to communicate through two sockets.

Regardless of the way the proxy server is applied, the process for monitoring HTTP transmissions is always as follows:

·  Step One: The internal browser sends the request to the proxy server. The first line of the request contains the destination URL.

·  Step Two: The proxy server reads the URLand forwards the request to the appropriate target server.

·  Step Three: The proxy server receives an answer from the Internet target machine and forwards the answer to the appropriate internal browser.

For example, suppose an employee of an enterprise tries to access website. If there is no proxy server, the employee's browser opens the socket To the web server running this site, from web The data returned by the server is also passed directly to the employee's browser. If the browser is configured to use a proxy server, the request first arrives at the proxy server, and then the proxy server extracts the target url www.cn.ibm.com socket www.cn.ibm.com Returns the answer, The proxy server forwards the answer to the employee's browser.

Of course, proxy servers are not only applicable to enterprise environments. As a developer, it's a good thing to have a proxy server of your own. For example, we can use a proxy server to analyze The interaction between the browser and the WEB server. This functionality is useful when testing and resolving problems in WEB applications. We can even use multiple proxies at the same time (most proxy servers allow multiple servers to be linked together). For example, we could have a proxy server for the enterprise, plus a Proxy Server written in Java to debug the application. It should be noted, however, that every server on the proxy server chain has a certain impact on performance.

4. Design Planning

As its name implies, the proxy server is nothing more than a special kind of server. As with most servers, a proxy server should use threads if it is to handle multiple requests. The following is a basic plan for a proxy server:

1. wait for the request from the customer (Web browser).

2. start a new thread to process the client connection request.

3. read the first line of the browser request (the line contains the destination URLof the request).

4. analyze the first line of the request and get the name and port of the target server.

5. Open a Socket to the target server (or the next proxy server, if appropriate) .

6. Send the first line of the request to the output Socket.

7. Send the remaining portion of the request to the output Socket.

8. Send the data returned by the destination Web server to the browser that made the request.

Of course, the situation would be more complicated if the details were taken into account. In fact, there are two main issues to consider here: First , reading data from a socket by row is best for further processing, but this creates a performance bottleneck; second, The connection between the two sockets must be efficient. There are several ways to achieve these two goals, but each approach has its own cost. For example, if you want to filter the data when it enters, it is best to read the data in rows; However, most of the time, when the data arrives at the proxy server, it is better to be efficient by forwarding it out immediately. In addition, data can be sent and received using multiple independent threads, but creating and removing threads in large quantities also poses performance problems. Therefore, for each request, we will use a thread to process the receiving and sending of the data and forward it as quickly as possible when the data arrives at the proxy server.

After the proxy server is connected to the Web server, I pass the data between two sockets in a simple loop. One problem here is that if there is no actionable data, calling the Read method may cause the program to block, suspending the program. To prevent this problem, I set the timeout for the socket using the Setsotimeout method (see Listing 2). This way, if one socket is unavailable and the other still has a chance to handle it, I don't have to create a new thread.

As with all thread objects,HttpproxyThe main work of the classRunmethod is completed (seeListing 2). RunThe method realizes a simple state machine, fromWebeach time a browser reads a character, it continues the process until there is enough information to locate the target.Webserver. Then,Runopen a path to theWebServer'sSocket(if multiple proxy servers are linked together, theRunmethod opens a path to the next proxy server in the chain.Socket). OpenSocketlater,Runwrite part of the request firstSocket, and then callPipemethod. Pipemethod directly in twoSocketRead and write operations are performed at the fastest speed.

If the data is large, creating a thread may be more efficient, but when the data is small, the overhead required to create a new thread offsets its benefits.

Listing 3shows a very simpleMainmethod that can be used to testHttpproxyclass. Most of the work is done by a staticStartproxymethod is completed (seeListing 4). This method uses a special technique that allows a static member to createHttpproxyClass (orHttpproxyA subclass of the Class) instance. Its basic idea is: to put aClassobject is passed to theStartproxyclass; Then,Startproxymethod takes advantage of an imageAPI(Reflection API) andGetdeclaredconstructormethod to determine theClasswhich constructor of an object accepts aSocketparameters; Finally,StartproxyMethod Invocationnewinstancemethod to create theClassobject.

With this technique, we can extend the Httpproxy class without creating a custom version of the Startproxy method. To get the class object for a given category, simply add the. class after the normal name (if you have an instance of an object, call the GetClass method instead). Because we passed the class object to the Startproxy method, when we created the derived class of httpproxy, we did not have to deliberately modify the startproxy. (The download code contains a simple proxy server that derives from it.)

1.$ Concluding remarks

There are two ways to use derived classes to customize or adjust the behavior of a proxy server: Modify the name of the host, or capture all data that passes through the proxy server. processhostname method allows the proxy server to parse and modify host names. If logging is enabled, the proxy server calls writelog for each character through the server method. How we handle this information is entirely up to us. ―― You can write it to a log file, You can export it to the console or make any other processing that meets our requirements. writelog an boolean web host.

Like many tools, the proxy server itself does not have good or bad problems, but the key is how to use them. Proxy servers may be used to violate privacy, but they can also block peeping and protecting the network. Even if the proxy server and browser are not on the same machine, I would like to think of the proxy server as a way to extend the functionality of the browser. For example, before sending the data to the browser, you can compress the data with a proxy server, and the future proxy server may even translate the page from one language to another ... The possibilities are endless.

Multi-Threaded HTTP proxy Server Java implementation-high-rise-iteye technology website. htm

Developing a proxy server with java. htm

Atitit. HTTP proxy principle Atihttpproxy big Trojan Horse