HTTP proxy for interception and tampering of request packets 7-return received response packets to the client

Returned directory

Returns the response message received from the server to the client. 

Okay, at this point, all the response packets are received from the server, so the next step is the final outcome: Package the response packets received from the server and then send them to the client. The long march was finally approaching, and the oriental girl was about to save lives. Was it a little excited? Of course, I was excited. In the end, I still had to finish these steps.

• HTTP proxy for interception and tampering of request packets
• HTTP proxy for interception and tampering of request packets 2-function introduction + Source Code download
• HTTP proxy for interception and tampering of request packets 3 --CodeAnalysis started
• HTTP proxy for interception and tampering of request packets 4-read and encapsulate request packets from the client
• HTTP proxy for interception and tampering of request packets 5-forward request packets to the target server
• HTTP proxy to intercept and tamper with request packets. 6. Receive and encapsulate response packets from the target server.
• HTTP proxy to intercept and tamper with request packets. 7. Return the received response packet to the client.
• HTTP proxy for interception and tampering of request packets 8-automatically set and cancel proxy + Source Code download
• HTTP proxy for interception and tampering of request packets 8-automatic configuration and cancellation of ADSL dial-up connection proxy + Source Code download
• HTTP proxy for interception and tampering of request packets 9-demonstration + Source Code download after tampering
• HTTP proxy for interception and tampering of request packets 10-code analysis of the tampering part of the finale 

 

This. Obtainrequest ()//GET request informationThis. Response. resendrequest ()//Repackage request packets and forward them to the target serverThis. Response. readresponse ()//Read the information returned from the target serverThis. Returnresponse ()//Return the Information read from the target server to the client.
 

The four major artifacts of the session class execute method, the first three have been done, leaving only the last this. returnresponse.

Since it is this. This returnresponse is naturally in the session class.

Let's take a look.

 1  Internal   Bool  Returnresponse ()  2   {  3  Bool Flag = False  ;  4  This . Timers. clientbeginresponse = This . Timers. clientdoneresponse = Datetime. now;  5  Try  6  {  7  If (( This . Request. clientpipe! = Null )&& This  . Request. clientpipe. Connected)  8  {  9  This . Request. clientpipe. Send ( This . Response. headers. tobytearray ( True , True  ));  10  This . Request. clientpipe. Send ( This  . Responsebodybytes );  11  This . Timers. clientdoneresponse = Datetime. now;  12  This  . Request. clientpipe. End (); 13 Flag = True  ;  14  }  15  Else  16  {  17  This . State = Sessionstates. done;  18  }  19  }  20  Catch  (Exception)  21  {  22  This . State = Sessionstates. Aborted;  23  }  24  This . Request. clientpipe = Null  ; 25  Try  26  {  27  //  This. finishuisession (false );  28  }  29  Catch  (Exception)  30  {  31  }  32  Return  Flag;  33 }

There are only three sentences for finding the trunk.ProgramReading other people's code is essential. reading other people's code is like learning to find the trunk and learning to find the trunk, if you have a lot of fun, you can take a quick look)

This. Request. clientpipe. Send (This. Response. headers. tobytearray (True,True));This. Request. clientpipe. Send (This. Responsebodybytes );This. Request. clientpipe. End ();
 

Do you still remember to encapsulate the request and forward it to the server?

This. Serverpipe. Send (This. M_session.request.headers.tobytearray (True,True,This. _ Bwasforwarded &&!This. M_session.ishttps ));This. Serverpipe. Send (This. M_session.requestbodybytes );
 

The two are not the same, but the sending direction and content are different. You can see the code by yourself.

However, it is a bit confusing here, that is, after the data is sent, another such sentence is added. request. clientpipe. end (); In this method, we can see that it is actually a simple call of socket. shutdown and close the connection. This is very strange. I didn't say that if the client has a connection: keep-alive header, should the server determine whether to close the connection based on the situation? In addition, we have not changed the connection: keep-alive in the Response Header received from the server to the connection: Close process, which means that, the response header to the client may include connection: keep-alive. Doesn't that mean that the client is willing to maintain a persistent connection? On the one hand, it tells others that you agree to the persistent connection, on the other hand, and directly shut down the connection? Isn't this a breach of the agreement? Of course, this is not a violation of the Agreement. Why? This is because the connection: keep-alive does not guarantee the persistence of the connection. Both parties can disable the connection at any time without notifying the other party. That is to say, even if the server response packet contains the connection: keep-alive header or the client request packet contains the connection: keep-alive, this does not mean that the two sides will surely maintain a persistent connection. The reason is very simple, because it may happen in any situation, and neither party can guarantee it, the server suddenly becomes unavailable, the data center suddenly loses power, and the client closes the browser during the request ...... And so on. Therefore, even if both parties acknowledge connection: keep-alive and have notified the other party and agreed to maintain a persistent connection, the connection is unilaterally closed without notifying the other party to close the connection, it is not considered a default in the HTTP protocol.

Of course, there are two things between non-default and meaningless violations. Here, we close the connection directly for convenience. It is very troublesome for the proxy server to maintain a persistent connection ......

Finally, it's not easy. However, at the end of the day, we should continue to give a sigh of relief. The computer should be focused on understanding the above code, and we should use our own methods to implement it on the basis of understanding.

Okay, the rest is not arrogant. This chapter ends, but the entire series is not complete yet.

The interception is complete, and the tampering has not started yet. Although the oriental girl is already dead, Miss Ren still has to smile.