{"id":13581414,"url":"https://github.com/moriyoshi/devproxy","last_synced_at":"2025-07-11T11:32:43.291Z","repository":{"id":48037877,"uuid":"59367770","full_name":"moriyoshi/devproxy","owner":"moriyoshi","description":"A swiss army knife of forward HTTP proxies","archived":false,"fork":false,"pushed_at":"2022-08-16T09:58:29.000Z","size":291,"stargazers_count":91,"open_issues_count":6,"forks_count":9,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-07-10T11:05:06.128Z","etag":null,"topics":["development","fastcgi","golang","mitmproxy","proxy","tls","utility"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/moriyoshi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-05-21T15:39:50.000Z","updated_at":"2025-05-26T14:28:55.000Z","dependencies_parsed_at":"2022-08-12T17:20:17.499Z","dependency_job_id":null,"html_url":"https://github.com/moriyoshi/devproxy","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/moriyoshi/devproxy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moriyoshi%2Fdevproxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moriyoshi%2Fdevproxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moriyoshi%2Fdevproxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moriyoshi%2Fdevproxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/moriyoshi","download_url":"https://codeload.github.com/moriyoshi/devproxy/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moriyoshi%2Fdevproxy/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264795402,"owners_count":23665231,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["development","fastcgi","golang","mitmproxy","proxy","tls","utility"],"created_at":"2024-08-01T15:02:01.415Z","updated_at":"2025-07-11T11:32:42.802Z","avatar_url":"https://github.com/moriyoshi.png","language":"Go","readme":"# devproxy\n\n## What is devproxy?\n\ndevproxy is intended to be an easily configurable forward HTTP proxy for web application development.\n\nIt has the following features:\n\n* URL rewriting\n\n  If you want to get your browser to access to the upstream HTTP server listening on `127.0.0.1:3000` by a request to `http://example.com`, the configuration should look as follows:\n\n  ```\n  hosts:\n    http://example.com:\n      - ^(/.*)$: http://127.0.0.1:3000$1\n  ```\n\n  This can be done since the name resolution is done in devproxy, which is configured to map any request for http://example.com to http://127.0.0.1:3000.\n\n* Transparent TLS termination / wrapping (simulation of an SSL/TLS-enabled environment)\n\n  You can also make it possible to direct the request to `https://example.com/` to the upstream by adding the configuration like the following:\n\n  ```\n  hosts:\n    http://example.com:\n      - ^(/.*)$: http://127.0.0.1:3000$1\n    https://example.com:\n      - ^(/.*)$: http://127.0.0.1:3000$1\n  ```\n\n  Even though you don't have a valid certificate prepared for `example.com`, devproxy automatically generates it on the fly.  However, it is necessary to set up the private PKI for issuing bogus server certificates and let your browser trust the PKI's root CA certificate.  **DO IT ON YOUR OWN RISK.**\n  \n  The CA for issuing bogus server certificates is configured as follows:\n  \n  ```\n  tls:\n    ca:\n      cert: testca.rsa.crt.pem\n      key: testca.rsa.key.pem\n  hosts:\n    ...\n  ```\n  \n* Request header modification\n\n  You can add / remove arbitrary request HTTP headers for the request being rewritten:\n\n  ```\n  hosts:\n    http://example.com:\n      - ^(/.*)$: http://127.0.0.1:3000$1\n        headers:\n          X-Forwarded-Proto: https\n          Removed-Header: null\n  ```\n\n* Testing FastCGI-enabled upstream\n  \n  You can forward the request to a FastCGI-enabled upstream:\n\n  ```\n  hosts:\n    http://example.com:\n      - ^(((?:/.*)*/[^/]+\\.php)(/.*|$)): fastcgi://localhost$1\n        headers:\n          X-Cgi-Script-Filename: /var/www/document/root$2\n          X-Cgi-Script-Name: $2\n          X-Cgi-Path-Info: $3\n  ```\n\n* Serving files on the filesystem\n  \n  You can also serve the local files by specifying `file:` scheme as an upstream:\n\n  ```\n  hosts:\n    http://example.com:\n      - ^(/.*)?/$: file:///some-document-root$1/index.html\n      - ^(/.*)$: file:///some-document-root$1\n  ```\n\n  **WARNING**: this feature does such naive path translation that is easily exploitable for path traversals beyond the document root.  Never expose the server to public when it is used.\n\n  ```\n  file_tx:\n    root: /var/empty\n    mime_type_file: /usr/share/mime/globs\n    mime_type_file_format: xdg-globs\n  ```\n\n  Toplevel `file_tx` section configures the file transport.\n\n  * `root` (string, optional)\n\n    Specifies the base directory for resolving a absolute path when a relative form of file URI yields from the match.\n\n  * `mime_type_file` (string, optional)\n\n    Specifies the path to the MIME-type-to-extension mapping file used to deduce a MIME type from the file's extension.\n    \n    devproxy will use Go's standard `mime.TypeForExtension()` function when unspecified.\n\n  * `mime_type_file_format` (string, optional)\n\n    Specifies the format for the MIME type file.  Accepted values are `apache` and `xdg-globs`.\n   \n\n* Proxy chaining\n\n  You can direct outgoing requests to another proxy server.  This is useful in a restricted network environment.\n\n  ```\n  proxy:\n    http: http://anoother-proxy-server:8080\n    https: http://another-proxy-server:8080\n  ```\n\n  `excluded` directive can be used when you want to prevent requests for the specific hosts from being proxied.\n   \n  ```\n  excluded: \n    - 127.0.0.1\n    - localhost\n    - intranet.example.com\n  ```\n  \n  Or inversely, in case of whitelisting:\n\n  ```\n  included:\n    - intranet.example.com\n    - foobar.example.com\n  ```\n  \n  TLS proxy can also be specified.\n  \n  ```\n  proxy:\n    http: https://anoother-proxy-server:8443\n    https: https://another-proxy-server:8443\n    tls:\n      ca_certs: cabundle.crt.pem\n      certs:\n        - cert: client_crt.pem # this can be either the filename of a PEM-formatted certificate or a PEM string itself.\n          key: client_key.pem # this can be either the filename of a PEM-formatted private key or a PEM string itself.\n  ```\n\n## Installation\n\n```\ngo get github.com/moriyoshi/devproxy\n```\n\n## Using devproxy\n\n```\n$GOPATH/bin/devproxy -l listen_addr configuration_file\n# ex: $GOPATH/bin/devproxy -l 127.0.0.1:8080 config.yml\n```\n\nAnd Adjust your browser's proxy settings to what is exactly given to `-l` option.\n\n## Setting up the private PKI\n\n```\nopenssl genrsa 2048 \u003e testca.rsa.key.pem\nopenssl req -new -key testca.rsa.key.pem -out testca.rsa.csr.pem\nopenssl x509 -req -in testca.rsa.csr.pem -signkey testca.rsa.key.pem -days 3650 -sha256 -extfile x509.ini -extensions CA -out testca.rsa.crt.pem\n```\n\nx509.ini:\n```\n[CA]\nbasicConstraints=critical,CA:TRUE,pathlen:1\nkeyUsage=digitalSignature,keyCertSign,cRLSign\n```\n\n## Configuration file example\n\n```\ntls:\n  client:\n    verify: true\n  ca:\n    cert: testca.rsa.crt.pem\n    key: testca.rsa.key.pem\n\nhosts:\n  http://api.example.com:\n    - ^(/v1/.*)$: http://localhost:8000$1\n    - ^(/v2/.*)$: http://localhost:8001$1\n  http://example.com:\n    - ^(/asset.*)$: http://localhost:8002$1\n    - ^(/.*)$: http://localhost:8003$1\n```\n","funding_links":[],"categories":["Go"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmoriyoshi%2Fdevproxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmoriyoshi%2Fdevproxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmoriyoshi%2Fdevproxy/lists"}