I need to test some HTTP interaction with a client I'd rather not modify. What I need to test is the behavior of the server when the client's requests include a certain, static header.
I'm thinking the easiest way to run this test is to set up an HTTP proxy that inserts the header on every request. What would be the simplest way to set this up?
I do something like this in my development environment by configuring Apache on port 80 as a proxy for my application server on port 8080, with the following Apache config:
NameVirtualHost *
<VirtualHost *>
<Proxy http://127.0.0.1:8080/*>
Allow from all
</Proxy>
<LocationMatch "/myapp">
ProxyPass http://127.0.0.1:8080/myapp
ProxyPassReverse http://127.0.0.1:8080/myapp
Header add myheader "myvalue"
RequestHeader set myheader "myvalue"
</LocationMatch>
</VirtualHost>
See LocationMatch and RequestHeader documentation.
This adds the header myheader: myvalue to requests going to the application server.
You can also install Fiddler (http://www.fiddler2.com/fiddler2/) which is very easy to install (easier than Apache for example).
After launching it, it will register itself as system proxy. Then open the "Rules" menu, and choose "Customize Rules..." to open a JScript file which allow you to customize requests.
To add a custom header, just add a line in the OnBeforeRequest
function:
oSession.oRequest.headers.Add("MyHeader", "MyValue");
i'd try tinyproxy. in fact, the vey best would be to embedd a scripting language there... sounds like a perfect job for Lua, especially after seeing how well it worked for mysqlproxy
I have had co-workers that have used Burp ("an interactive HTTP/S proxy server for attacking and testing web applications") for this. You also may be able to use Fiddler ("a HTTP Debugging Proxy").
Use http://www.proxomitron.info and set up the header you want, etc.
Rather than using a proxy, I'm using the Firefox plugin "Modify Headers" to insert headers (in my case, to fake a login using the Single Sign On so I can test as different people).
If you have ruby on your system, how about a small Ruby Proxy using Sinatra (make sure to install the Sinatra Gem). This should be easier than setting up apache. The code can be found here.