[Twisted-Python] Need help with writing a secure Iran Proxy

Kevin Horn kevin.horn at gmail.com
Thu Jun 18 22:10:03 EDT 2009

Of course it depends on you definition of "safe" and "secure", but there's a
few examples around the net.  Here's a few:


If you want to add proxy authentication, it shouldn't be too
difficult...check out RFC 2068.

http://www.ietf.org/rfc/rfc2068.txt (esp sections 10.4.8, 11, and 14.33-34)

It should be similar to implementing basic HTTP auth, except you want to use
Proxy-Authenticate and Proxy-Authorization headers instead of the regular

I'm guessing the flow would go something like:
- client requests a proxied resource ( without a Proxy-Authorization header
- server sends back a 407 with a Proxy-Authenticate header
- client prompts user for credentials
- client provides request again with Proxy-Authorization header
- server proxies the resource

of course I'm no expert on web proxies so don't take my word for it...

I think you should be able to do the above by overriding some of the proxy
classes in twisted.web.proxy

Good Luck!

Kevin Horn

On Thu, Jun 18, 2009 at 2:44 AM, Andreas Trawoeger <atrawog at gmail.com>wrote:

> Hi!
> Could I kindly ask all the Twisted Gurus to take a look Austin Heaps Best
> Proxy Practices
> for Iran http://blog.austinheap.com/
> The current setup (Squid & iptables) everybody uses is extremely
> complicated to setup and it should be trivial to implement the requirements
> in Twisted. Turn it into an egg and allow everybody to simple type
> easy_install iranproxy.
> I know a little bit of Twisted, because I'm an avid Zenoss user and in
> different circumstanced I would write the proxy on my own. But in this case
> a safe implementation is a real must and I'm really worried to make some
> stupid beginner mistakes.
> So some (example) code and links to websites I should read would be greatly
> appreciated.
> Thanks to everybody!
> cu andreas
> _______________________________________________
> Twisted-Python mailing list
> Twisted-Python at twistedmatrix.com
> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://twistedmatrix.com/pipermail/twisted-python/attachments/20090618/5aa5b0c8/attachment.htm 

More information about the Twisted-Python mailing list