Questions tagged [http-proxy]

138 questions
3
votes
3 answers

How does Facebook really identify requests?

Today I have discovered something very strange. It seems like Facebook is playing some kind of unfair game for identifying one's online identity. So, here is what I have done: I have a regular Facebook account, everything is OK. It becomes…
Danny Babbev
3
votes
1 answer

What kind of attacks can target static resources?

Static resources and their caching interest me from the security perspective. Let's say we have a .jpg file requested from the origin -> going through a reverse proxy with caching -> reaching the browser (and is also cached). What attack vectors…
3
votes
4 answers

How safe is SSL on an untrusted computer and network?

In situations where the consumer doesn't trust/control the workstation and the network, can the consumer safely do potentially sensitive activities (like making a payment or transferring confidential documents) over the internet when HTTPS is used? For…
3
votes
1 answer

What's the interest for web proxy over transparent proxy

A network I'm working on has only a web proxy (HTTP, HTTPS) to communicate outside (mostly used for cache purposes, not whitelist or blacklist support). This requires a lot of configuration for all tools to declare the proxy, which is quite heavy and…
Kartoch
3
votes
1 answer

How does whatismyip know the real IP address?

I just realized that this website knows the real IP address even if you use a proxy. I found this question, so I started to test every possible way. First, this website doesn't have an X-Forwarded-For or X-Client-IP in its source code; second, this site doesn't…
abolmabol
3
votes
1 answer

What kind of requests are those?

I receive a lot of requests like this: ip-10-80-XXX-XXX.eu-west-1.compute.internal:80 110.249.208.XXX - - [11/Dec/2013:10:27:17 +0000] "GET http://mn.sina.com.cn/news/xianchang/2012-06-07/212535.html HTTP/1.1" 200 9515…
powtac
3
votes
1 answer

Is using a WebServer as a proxy a secure solution

There are 2 machines - both running Windows Server. Machine1 can access the internet. Machine2 cannot access the internet, but can access Machine1. Machine2 needs to continuously access one external https GET URL on the internet. So the way I was…
user93353
3
votes
1 answer

OWASP ZAP does not properly proxy my HTTP responses?

I tried using the web proxy functionality of OWASP Zed Attack Proxy (ZAP) to edit the response JavaScript and HTML. I tried to make a button get the attribute disable="false" instead of disable="". I can easily use the Firebug console to achieve…
3
votes
2 answers

How can I implement authentication in my proxy server?

I have a proxy server; it will have a captive portal page. Users will be required to sign in before gaining access to the internet. So far I am aware of IP and/or MAC address based authentication. Is it possible to use HTTP cookies to implement…
user2320724
3
votes
1 answer

How should this system be protected from ARP spoofing?

Background: My university uses an authenticated (Squid) HTTP proxy server for accessing the internet. There are a few reasons for this: they want to track misuse of the connection; our university has subscriptions to most paywalled journals, and…
Manishearth
3
votes
2 answers

Securing Java web services called by web site in DMZ using web services for communication

Suppose you have an application running Java web services in Apache Axis 2. Specifically, these are JAX-WS (Java API for XML-Based Web Services). Currently these web services are on the same Windows Server 2008 server that our web site (web…
MacGyver
3
votes
1 answer

SSL MITM Proxy Security - Can we rely on it?

In my organization, we have an SSL MITM (man-in-the-middle) proxy (like the ZScaler proxy). If I browse an HTTPS website and check the certificate, I can see that the proxy has issued a separate certificate for the site (means the original certificate…
3
votes
3 answers

Block the HTTPS version of a website

I would like to block some websites from their HTTPS version and allow them on HTTP. The main websites involved are YouTube and Google Images/Videos. I am using K9 Web Protection on each computer, and it has a limitation on its ability to enforce…
Ismael Lemhadri
3
votes
1 answer

Prevent external script from loading using Burp

I am using the free edition of Burp Suite to analyze some requests. Suppose the website is https://www.example.com. Now, there is a JavaScript file in https://www.example.com/templates/scripts/xyz.js. I want to prevent this file from loading while…
Cyberzinga
3
votes
1 answer

HTTP Response splitting - is it browser caching or server caching issue?

I am trying to wrap my head around HTTP Response splitting. Although, using WebGoat etc., I was able to learn how to do it in practice, I guess I am still confused about some very fundamental understanding of how it really works. Hoping someone…
qre0ct