I am using http-client in clojure with proxy. And I want to try http-kit, however I don't find a way to use proxy. I have a list of proxies stored in database, and then randomly pick up a proxy and use it in http client. Look like there is no api/parameter in http-kit to use a proxy.
There's an open issue for proxy support in http-kit, it doesn't support it yet. https://github.com/http-kit/http-kit/issues/75
Related
Sorry for the basic question (I'm new with gRPC).
Is it possible to use http transcoding without google cloud platform & endpoints?
(Referring to this article: https://cloud.google.com/endpoints/docs/grpc/transcoding)
I'm currently trying to create a mock-application and we are trying to have some sort of frontend with a UI (or can go headless browser in the beg.) that can send HTTP requests to the Extensible Service Proxy, and then ESP will transcode the HTTP request to HTTP2 so that it can be sent as a request to our gRPC services. I think K8s is a bit overkill since we'll only have a few containers (and not too familiar with deployment in k8s).
I'm trying to just use grpc-node, and want to do http mapping in ESP.
Can we just import <import "google/api/annotations.proto";> into our protofile and get this functionality of HTTP mapping?
As mentioned by DazWilkin, your best option would be to use the Envoy Proxy.
If you are used to using Docker, there is a container of the application available here.
Regards,
Frederic
I have a little Clojure app that uses http-kit to send some http post requests to a server. I want to route the https POST request through a proxy P, ie. I want the traffic to go like App->Proxy->Server.
(This is because the target host X restricts access based on IP)
Is this possible?
Also the App runs on an ubuntu server, are there maybe system-level configurations possible to make http-kit use a proxy server? I prefer other processes to be unaffected though.
http-kit is supposed to follow the standard method of configuring proxies in Java:
-Dhttp.proxyHost=proxyhostURL \
-Dhttp.proxyPort=proxyPortNumber \
-Dhttp.proxyUser=someUserName \
-Dhttp.proxyPassword=somePassword
which you can set in your lein profile or in the application server if you are using one.
http-clj now support proxy: https://github.com/dakrone/clj-http#proxies
For http-kit, according to the author's reply in this issue, the answer is NO.
But the good news is fewer weeks before it support basic HTTP proxy ( commit a207537 on http-kit ).
After all, it seems there is no way to set up a system wide proxy for JVM applications.
We are running nginx as a reverse proxy that forwards requests to a Clojure application running Compojure, a library that wraps around Jetty and provides our application with the ability to service web requests.
We currently capture logs generated by both nginx and the Clojure application (via log4j to syslog). We are unable, however, to match an entry in the nginx log to an entry in the syslog output of the Clojure application.
We need to figure out a way to modify the request sent upstream to the Clojure app to include some kind of ID. This could be an integer, UUID, whatever.
Do you have any suggestions as to how best to accomplish this?
Thanks for your help!
Compojure is written on ring and ring has middleware :)
you would write a middleware called with-uuid that adds the UUID to the request map on the way in and to the reply on the way out.
Of course the best approach would be an nginx module, duplicating the functionality of apache's mod_unique_id.
There doesn't seem to be one yet. Here's a patch that wants to graduate to a module someday.:
http://mailman.nginx.org/pipermail/nginx-devel/2011-June/001015.html
I'd like to restrict access to my web service to registered clients. The first thing I thought of was to mimic that of AWS which, in a nutshell, issues clients a non-secret and secret key pair, and requires clients to prove knowledge of the secret key by using a cryptographic function of some of the HTTP request data and the secret key, then specifying the output of the crypto function in a request header. AWS does the same and checks that the expected signature matches what the client has specified. The secret is not transmitted, blah blah. This is pretty typical and not that interesting albeit useful.
http://mws.amazon.com/docs/devGuide/Signatures.html
http://chrisroos.co.uk/blog/2009-01-31-implementing-version-2-of-the-amazon-aws-http-request-signature-in-ruby
My preferred web server for web services is nginx. I'd like to start requiring similar request signatures in certain services. It makes sense to me to create an nginx module that handles request signature validation before ever sending the request to an upstream process (my web service instance(s)).
Do you know of such a nginx module? Do you know of a different one that I can base my work off of?
There's a decent nginx module writing guide here:
http://www.evanmiller.org/nginx-modules-guide.html
Please note that I'm not asking "how do I write a nginx module?" I'm simply trying to avoid reinventing the wheel.
Thanks!
If I'm understanding correctly, you could simply check for custom headers with an if($http_{yourheader}){} and validate that against a backend such as memcached, or proxy to a fastcgi script, or even use an embedded perl script (although this will be slow and could block).
AFAIK there aren't any specific standard or third-party modules that do this, but a combination of them could provide a suitable solution (eg; $http_{header} + redis backend, for instance).
Is there a particular reason you're not looking to use custom SSL certs? They would seem an adequate solution for restricting access with added security.
I am trying to create a SOCKS proxy in C++ that runs as a background process on localhost.
If the user's browser is configured to use the proxy, I want all HTTP requests to be passed along through the normal TCP/IP stack. i.e. The browser will behave exactly as it normally would.
Eventually I will add another layer which will check to see if the requested resource matches certain criteria, and if so will handle the request differently. But for now I'm just trying to solve the basic problem... how to create a SOCKS proxy that doesn't change anything?
I would look into the Squid project, depending on what you need it for.
http://www.squid-cache.org/
GPL licensed source.
Insanely nice for many good things.
Jacob
It is far easier to build a HTTP Proxy then a SOCKS4/SOCKS5 as HTTP protocol is human readable and SOCKS protocols are not. Here is an exemple of a HTTP proxy I build for experience some years ago. It used to work fine with old browsers, now its broken as it cannot handle persistent connections, but it still is a good source to learn how it works.
Maybe you rather use a already existing HTTP proxy software like Squid.