HTTP Forward Proxy

Forward Proxy is similar to Socks5 in that it is implemented as an application.

Enabling port

  • Port: fill in the port used to enable the HTTP Forward Proxy service.
  • Type: Select http_proxy.

Adding Applications

  • Port: The port enabled in the previous step.
  • Request Type: The type of request that needs to be proxied, default is HTTP and HTTPS.
  • Authentication Type: Supports Custom Authentication and Proxy-Authorization: Basic.
    • Custom Authentication: User can use the parsed Proxy-Authorization, HTTP headers, URI parameters, built-in variables, etc. for flexible authentication.
    • Proxy-Authorization: Basic: Standard basic proxy authentication. In this case, the account value and Password from Account are used as Username and Password for Basic authentication; Account Name is ignored, but authentication conditions are not ignored.

Add authentication account

  • Account name: the keyword of the account. For example, URI parameter: key1=value1&openresty=edge, where openresty is the account name, and Edge’s HTTP Forward Proxy therefore supports the dynamic account keyword.
  • Account Value: The account for authentication.
  • Password: Password of the authenticated account.
  • Start time/end time: the valid time period of the account. No setting this means there is no limit, the account will always be valid.

Adding authentication conditions

The idea behind the design of the authentication condition is it’s an arithmetic expression, e.g., x = y. x is the left argument, y is the right argument, and = is the operator.

  • Name: the name/description of the condition.
  • Left Algorithm: Algorithm that acts on the left parameter.
    • md5: MD5 on the left parameter after splicing.
    • Unselected: concate all left parameters when the operator is not presence/non-existence.
  • Left parameter.
    • Type: the location and type of the parameter.
      • URI parameter: the location of the parameter is the HTTP URI.
      • Header parameter: where the parameter is located in the HTTP Header.
      • Proxy-Authorization parameter: located in the Proxy-Authorization of the HTTP header. Supports base64 encoding.
      • Built-in parameters: such as the password for the account.
      • Custom Value.
    • Name: the name and value of the parameter.
  • Operators: specify how to compare left and right values.
    • Equal/Unequal: Perform an algorithm on the concated left parameter to get the value of A, perform an algorithm on the concated right parameter to get the value of B, and then compare whether A and B are equal or not.
    • Greater than/less than/greater or equal then/less or equal than: Left and right values are computed the same as equal/unequal, but are converted to number types before comparison. (String type comparison is not supported)
    • Exist/not exist: Judges whether left parameter exists one by one.
    • Include/not include: Left and right values are calculated the same as equal/unequal, and then judge whether the left value includes the right value or not.
    • Lags behind the current time: Compares with the current time, and if it is less than the current time and more than the set value, the following action is performed.
  • Right Algorithm: Algorithm that acts on the right parameter.
    • md5: MD5 is performed on the right parameter after splicing.
    • Unselected: Splice all right parameters.
  • Right parameter: Same as left parameter.
  • Action: Action after a conditional match.
  • Response Status Code: The status code of the HTTP response.
  • Response Header: HTTP header of the response.
  • Response Content: The content of the HTTP response.

Example request

Example 1:(HTTPS)

# https
Proxy-Authorization: openresty=edge # plain text supported

Example 2:(HTTP)

# http
arg1: value1
arg2: value2
arg3: value3
Proxy-Authorization: YjNCbGJuSmxjM1I1UFdWa1oyVT0=   # base64 encoded `openresty=edge`

Example 3:(Basic)

# http
Proxy-Authorization: Basic YjNCbGJuSmxjM1I1UFdWa1oyVT0=  # base64 encoded `openresty=edge`