How can I redirect HTTP requests made from an iPad

2019-01-20 22:22发布

问题:

Since on an iPad we cannot edit the hosts file (without jailbreaking), how can we arbitrarily redirect web traffic to another url?

This would be important for something such as developing a website that uses a Virtual Host configuration where you want to redirect to a development machine.

(This is related to this question: Can I edit an iPad's host file?)

回答1:

The way to get around this limitation of the iPad is to use a HTTP proxy server, such as Squid running on another machine where you can edit the hosts file.

On the iPad Under Settings -> Network -> Wi-Fi -> (Your network) There is a HTTP Proxy setting which can be set to manual. Enter you proxy information here.

Once this is set up you would be able to manipulate the iPad as if you were changing the hosts file.



回答2:

I found you just have to modify the Wifi settings in your iPad to use the IP address of your development machine as an HTTP proxy (as explained in the aforementioned article):

That way, it's enough to be able to access your web application on your iPad by entering the url of the virtual host (e.g. local.mywebapp.com). It's easy and quick, but unlike Will Koehler's solution, you will however not be able to access Internet from the iPad. But most of the time it's not really a problem, since you just want to test your own application.



回答3:

Setup the hosts file on a computer running a proxy server such as Fiddler or Charles, and configure the iPad to use that computer as an HTTP proxy.

Here are instructions for how to do this with Fiddler: http://conceptdev.blogspot.com/2009/01/monitoring-iphone-web-traffic-with.html

And this is for Charles: http://www.ravelrumba.com/blog/ipad-http-debugging/



回答4:

I need to test web apps I am developing on an iPad. I use Apache on my dev machine to run the web apps, so the easiest solution I found was to use Apache mod_proxy.

My dev machine is visible on my home network as sapphire.local.

The web app I am testing is at hosted on the dev machine at demo.cms.dev (I am using POW).

To setup the proxy, I added the following section to httpd.conf.

<VirtualHost *:80>
  ServerName sapphire.local
  ProxyPass / http://demo.cms.dev/
  ProxyPassReverse / http://demo.cms.dev/
  ProxyPassReverseCookieDomain .cms.dev .sapphire.local
  ProxyPreserveHost Off
</VirtualHost>

This routes incoming requests on sapphire.local to demo.cms.dev. The method only works for one app at a time. I think you could use different ports to setup additional apps. Maybe someone has a better solution?



回答5:

If you already have an Apache server where you're doing dev, you can easily use it as a forward proxy. This is particularly useful for WordPress sites, which really love to use the full absolute URL.

Ubuntu example below:

The first step is to edit the /etc/hosts file in your dev server. Add the server's local IP, pointing to your site.

127.0.0.1 dev.mysite.com

This hosts file will be used by your Apache proxy when it tries to resolve requests from your iPhone / iPad. So let's setup the Apache part now...

You may need to install some modules first.

sudo apt-get install libapache2-mod-proxy-html
sudo a2enmod proxy proxy_http proxy_html
sudo apache2ctl graceful

Then create a virtual host file, for example /etc/apache2/sites-available/my-proxy

Listen *:8080
<VirtualHost *:8080>
    ProxyRequests On

    <Proxy *>
        Order Deny,Allow
        Deny from all
        Allow from 192.168.1.0/24 
    </Proxy>
</VirtualHost>

Enable the vhost, and restart Apache:

sudo a2ensite my-proxy
sudo apache2ctl graceful

Then go to Settings > Wi-Fi > Your Network and configure a "Manual" proxy. Enter the IP of your Apache server, and the port. That's it!

The <Proxy *> block ensures that only people on my local network can use this proxy. Strictly limiting access is essential if you are using a forward proxy. The ip2cidr page will be helpful at this point. (As an extra measure, the :8080 port is blocked by my firewall.)



回答6:

It's also possible to use Weblock - AdBlock for iOS app (available for $1.99 here: https://itunes.apple.com/us/app/weblock/id558818638?mt=8) to create web traffic redirects.

This allows you to redirect any traffic matching certain rule to specified IP address. This will emulate adding an entry to /etc/hosts on your iOS device. If the hostname set in requests is handled by the IP you direct your traffic to, you can use this to test private API or even sniff traffic sent from other apps or websites. This unfortunately works only for http/https connections.

All this can be done only while on Wi-Fi (one of Weblock's limitations). There main advantage is that you can easily configure everything from your iOS device and there is no need to mess with DNS/proxy server configuration.

Here's an example:

  1. I've configured Weblock like this: http://i.stack.imgur.com/c5SUh.png
  2. Opened Safari and typed in www.google.com as URL
  3. This is the output in terminal on my Mac listening for connection on port 1234:

    macbook-pro-tk:~ kpr$ nc -l -v -v 1234
    GET http://www.google.com/ HTTP/1.1
    Host: www.google.com
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Proxy-Connection: keep-alive
    PREF=ID=7722bc3c844a7c26:TM=1402073839:LM=1402073839:S=5bSJJsM2p0HgUP7L
    User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53
    Accept-Language: en-us
    Accept-Encoding: gzip, deflate
    Connection: keep-alive

Weblock is also good to selectively redirect some URL's with regular expressions. You could redirect queries to certain endpoint only, while all other queries go to the IP returned from the DNS. This actually allows for even more fitting configuration that /etc/hosts does.

Example: If I create a URL redirect rule for htt*://somedomain.com/api/login* and some IP and port, I will see only traffic from this URL at this IP and port, while all other traffic to somedomain.com will go directly to the IP returned by the DNS. Notice it will work for both /api/login and /api/login?someparam=somevalue thanks to the wildcard * sign at the end of the rule.



回答7:

I made it by using squidman on Mac. It's easy to set up and use.
I set it up in 5 minutes by following this article.

Update

Another thing is if you want to connect to the websites running on proxy server, in my case it's my Mac, you need to comment this line out in squidman->Preferences->Template

# protect web apps running on the proxy host from external users
# http_access deny to_localhost


回答8:

You could setup an internal DNS server on your network (if one does not exist already) and setup an A record. Then ensure your DHCP is set to return said DNS server



回答9:

You can also use http://xip.io/ using the instructions on that page you can enter the ip address and it will redirect you to the relevant local ip.



回答10:

If you have a live website you can use for this:

You can add an A record to your DNS configuration: something.yourdomain.com which points to your local IP address, then add an entry for something.yourdomain.com to your virtual hosts file. Restart Apache, get your iOS device on the same network and you're good to go.



回答11:

Here is a no configuration method for cross device/computer testing of a Mamp Pro Virtual host. The only limitation is you can only test one domain at a time, but for me this is fine when I'm developing. It is really simple however to change between virtual hosts directly in mamp.

Im running mamp pro 2, mountain lion. My sites folder contains the individual domain folders.

I found if you choose the specific ip of the local computer under the virtual host 'ip /port' and restart mamp this domain will become the default domain when viewing the localhost computers' ip address, or computer name, across the network.

For testing purposes this works great across all devices on the network, including the iPad. If you want to test another virtual host you can simply return the ip/port config to "*" and then reassign another domain to the computers ip address and restart.

The advantage of this simple approach is you can provide access to clients directly to your development sites when your on the same network without having to go through any configuration on their machine.

Hope this helps anyone else looking for simple solution.



回答12:

Internal DNS Server is one of the option but that was too cumbersome to implement. We tried installing squid as proxy server but that also didnt work because it was redirecting the URL to new server and this redirection was seen on browser URL too.

Thing which finally worked for us was to install Fiddler on one of the server and use this server as the proxy server on ipad. Fiddler also has a feature to map sub-domains to IP address i.e. something similar to /etc/hosts.



回答13:

Nice tutorial to do so: http://egalo.com/2012/05/29/testing-mac-web-site-using-local-hostname-on-mobile-device/

An other way is to connect the IPad via Local Hotspot with my MAC OS X and establish an port-forwarding to the development VM. To achieve this I'v done the following Steps:

  • on MAC OS X create a WLAN-Hotspot Link how to do this
  • connect the iPAD with the Hotspot-WLAN (on iPAD >> Settings >> WLAN)
  • Add the ServerAlias to the local development-VM (details below)
  • establish ssh-portforwarding
    ssh -NL <IP-of-hotspot-host>:<source-port>:<url-to-local-vm>:80 <user-to-vm>
  • int the iPADs Browser open the page with the IP
    <IP-of-hotspot-host>:<source-port>

Where to get 'IP-of-hotspot-host':

After created hotspot there is a WLAN-Point in
MAC OS X system settings >> Network >> WLAN

Adding the ServerAlias:

At my development-VM (Apache2) in /etc/apache2/sites-available/dkr.dev.local I had to add the following:

<VirtualHost *:80>  
    ...  
    ServerAlias <IP-of-hotspot-host>  
    ...  
</VirtualHost>


回答14:

If you've been exploring this, and a few of the external links, you will possibly find this answer:

https://stackoverflow.com/a/24770097/3842985

It is about a light-weigh DNS server called dnsmasq. Super simple, very powerful, and can be used in conjunction with your internal or external DNS servers.

Much easier than installing squid, fiddling with Apache, and other techniques that would be time-consuming, and risk the "integrity" of configurations, develop environments, test environments, etc.

Well worth considering.

I adopted that as a regular tool for development and for normal networking.



回答15:

I would try Relay Server (part of Afaria) which can re-direct mobile traffic based on profiles.

Update: tremoloqui's answer seems less trouble and far cheaper.



回答16:

Answers herein are correct. A bit more knowledge: These will not work with cert pinning. What you can do is either (1) use a domain wildcard cert to support your dev/test/qa region testing. And/or (2) use a reverse proxy server such as Apache whereby you change to where Apache routes the requests within your network. Now, when you get into SSL Pinning testing then you are dead in the water with the physical devices and can only validate with simulator (ios) and emulator (android).