--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDVTCCAj2gAwIBAgIJAMn580TY7tn4MA0GCSqGSIb3DQEBCwUAMEExCzAJBgNV
+BAYTAkRFMRMwEQYDVQQIDApTb21lLVN0YXRlMR0wGwYDVQQKDBRQcml2b3h5IFRl
+c3QgQ29tcGFueTAeFw0yMTAxMDkxNjQxMzNaFw0zMTAxMDcxNjQxMzNaMEExCzAJ
+BgNVBAYTAkRFMRMwEQYDVQQIDApTb21lLVN0YXRlMR0wGwYDVQQKDBRQcml2b3h5
+IFRlc3QgQ29tcGFueTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCG
+dyCmLX+UmlP0eN+4kWQsP0bVATlmfycSjgXwhdMfQ7pHrP5RUM+Mzy60vYfXVLCn
+O6evxqx2XcZnEk6QxXRaUZfmd4Zw9F1n39x9ERFXgDNseRyoebqfmgl05STxe3Co
+NSSvYRz6iX4grzx+LWikwxvMHvPZyntPXgFhwuo6j9mBm6XfN8zIghwlQQbcgb9m
+WDC/XbFDCQcrEnGaQNJ5T2406EZptm2MZ4xU4P5M7LmQws8p7VgLiYdPyouZ2YN7
+PkCcVGzVY3YiCg7W2ETZHHurn4XsRWXdr7tgH2RzzC1Eok8QtEyn9C3XtUNWQv3J
+LeRn5LAiF7CxJKUtI3sCAwEAAaNQME4wHQYDVR0OBBYEFB7YVII5luGzJXJKgYZh
+fVH8D7CXMB8GA1UdIwQYMBaAFB7YVII5luGzJXJKgYZhfVH8D7CXMAwGA1UdEwQF
+MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAoEtgyL3paPULfconAkzRRk74XDjsz8
+sz+eSsbf0pVS4CNEWa1jrgv5PfKMqquYkDJ7IY8dD9Kqmzd/82KNZSlYACwOSbPV
+1t98wNWvvVg7eMJD3IdKcSR3HAvR75eQFI7JVy0EG62o5fGplfAZxauBa5cPhgGd
+I1DJrp/XFTOvv/SfNBMXgLZq8b6SMwyqomflNSFEfiC8IO7gEcE7CBbkHN+Hd15W
+YvAbJraAeP0YR+r2HKCqUbIVxbBWZlkjS1alvwsgDgamTVyQvNiAPzVsNY0G7lWJ
+f10kaB7Gd8NoER7jKBs6nbQTvb5UapQa0G4i3RHlYBUyg8+znz2OXK0=
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI3FrXU0ecRrECAggA
+MBQGCCqGSIb3DQMHBAhSvq1gGYC2RQSCBMihUnjghKpYieBD+F25LE8xbT+hJn1D
+n91Ax+q/0zpGCiX8CCLVbfK9i6rCmnO1qEa7YNzKSUdEmWoMrpH7wdJG5AHgRv4g
+9IiFG8HOCNFit75cQX8Fu2XrkfCSzKa0vjKZLylSrjf3UPPD+Oiifq/FD6zZtKIv
+hDM9tq0+JXQBrM2YME6yyKhueg6g1LFs6Spk2EoOW5er6ztzuM5Tv0g7P2BtPnS5
+Gi/xIGUCA0Nm8UyzjumDNtmet2xq2viKs49Ditlubu6gAJq/wHiyY/SpyBnNVbKT
+jO4VJVlXLBc0qracLLPIvL894Sc3mTe4RGDpZ2qGLgkGISzvWK9BHJjK/C37KAbQ
+/0zJFkRqJ4MOgiVlYzsTqixsw0T5qbGbtZkjV/iLwoeGKR+pVezqmlt6PvYgrRBg
+rlVnDLHuR3UKXstww0/Iyy8yON0jQYfzvSTFhsMEwv9eph/M9vwbND2oxrHY4SgY
+3Dm/alM3Bg/ZT4i7zwTMFTBC9SsJZvhAZ09Jvp1sStCmdKh1OQzeKDXZwjfbQKBC
+QYFJkXsTZkCANoHNHVVWH31KUGMc4YAR+JMYSMJFre1IG1zxGITZ3T3oULwd/Ym7
+1cWifrLWqXvZnm+xJFuvKR+pZxkPPeCmRcFA6K9U6CFEBpDHNFxYQv7Dbsv8GBpn
+PqYDegtB8v2ZLr50u2p4sdQxsqKwiTvO8Ok9DU7cKx0JqGti/owi+1e2kJAj6b++
+dwwrfExrfy50BiAQeTtDx/5Urq7N+U1gfGNkVvXLO7UBCgy4irkOZtTy+akETrkG
+gZiZz+d/4n/B5x6PP6JxWSX/FhRA4BCywTKV2WQqFNjVEx9QTe6dZPvJ+f1qUEUY
+yavQZTisiOnyCTFb/oDRAOcRBcUKhZYlDhfujAoiMQi9YHPmwywNiLcEJgVZcM/j
+OJmAzlGR1RA/9IjcJAp63OyfqwIUwMGx61shGv0yuApiKib/tBhQdc6MGZ/kqKMd
+qMy2/YK0IeAtq+E5yuHwh5XcoU8zff2+WWKdiygA6fiBHAp7ct5HD8HvpvM5cuyz
+yBkZKrd2vxrADEw14cCKeZ++8MoHGgAENtnwOEzZZzH0QLNgB2FiNsBCF/YFIQAZ
+RXPp/ltox/fQcT2XNiZK7B818Dsu2JD7TIXdI/cQPCToYwCKOvSGWsh7lLml86wE
+cXj07Rn8asWJUan/UlTHJLydHjMa0eQm9pCBwhpZLOOmvxXrBRlPAQdcly9uNCso
+SwjyY4hb8F6L2BY61mmC84F5wShFdxEtyhF+icYjj2wdiA6PWAHacHpuDN/pivEX
+oWM4m9NQTHqO+vujLuLOIyZ4Kz8uK5QkMveSdYP8Hitc8DfCGwatpbDbrZ/dh/jC
+8znnrmkglkNb/C7DMyJLFRWU4QAjAa6HCGCzzH2QEU7DgTYPB+q+/umr5/WcVu5N
+av2mfyRwTWvMiYQvbG7R9lOd8pHMP6NEaeeKJvjuDfdDv/7klu/wMEngns+JNlS+
+uqhLYlvDVkOph9423radHtirk97fdzn1fQuWAt0AphQKtvExNEmVs3dQEKcwHJmh
+KGKprXEq1xVAkhv+MA7H5XuYAXsJ+MOc7V2SlA/ccavWRFjPUuHQu08ksc7rcJUa
+vGw=
+-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+# Ignore the certificates and keys in this directory
+*.crt
+*.pem
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTPS
+HTTP GET
+</keywords>
+</info>
+
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 22 Jul 2010 11:22:33 GMT
+Content-Length: 9
+Connection: close
+
+Blafasel
+</data>
+</reply>
+
+<proxy-reply>
+<data>
+HTTP/1.1 200 Connection established
+
+HTTP/1.1 200 OK
+Date: Thu, 22 Jul 2010 11:22:33 GMT
+Content-Length: 9
+Connection: close
+
+Blafasel
+</data>
+</proxy-reply>
+
+
+<client>
+<server>
+https
+</server>
+
+<name>
+HTTP client header order through https
+</name>
+<command>
+--insecure -H "Origin: https://www.privoxy.org/" -H "Cache-Control: max-age=315576000" -H "If-Modified-Since: Thu, 07 Jan 2021 22:05:31 GMT" -H "Upgrade-Insecure-Requests: 1" -H "Pragma: no-cache" -H "DNT: 1" -H "Cookie: yolo=123" -H "Referer: https://www.example.org/" -H "Proxy-Connection: keep-alive" -H "Accept-Encoding: gzip" -H "Accept: */*" -H "Host: %HOSTIP:%HTTPSPORT" -H "Accept-Language: en-CA" --user-agent "Client with unsorted headers" https://%HOSTIP:%HTTPSPORT/%TESTNUMBER
+</command>
+</client>
+
+<verify>
+<protocol>
+GET /%TESTNUMBER HTTP/1.1\r
+Host: %HOSTIP:%HTTPSPORT\r
+User-Agent: Client with unsorted headers\r
+Accept: */*\r
+Accept-Language: en-CA\r
+Accept-Encoding: gzip\r
+Referer: https://www.example.org/\r
+Cookie: yolo=123\r
+DNT: 1\r
+Pragma: no-cache\r
+Upgrade-Insecure-Requests: 1\r
+If-Modified-Since: Thu, 07 Jan 2021 22:05:31 GMT\r
+Cache-Control: max-age=315576000\r
+Origin: https://www.privoxy.org/\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTPS
+HTTP GET
+</keywords>
+</info>
+
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 22 Jul 2010 11:22:33 GMT
+Content-Length: 9
+
+Blafasel
+</data>
+</reply>
+
+<proxy-reply>
+<data>
+HTTP/1.1 200 Connection established
+
+HTTP/1.1 200 OK
+Date: Thu, 22 Jul 2010 11:22:33 GMT
+Content-Length: 9
+Connection: close
+
+Blafasel
+</data>
+</proxy-reply>
+
+
+<client>
+<server>
+https
+</server>
+<name>
+HTTP client header order through https 2
+</name>
+<command>
+--insecure -H "Origin: https://www.privoxy.org/" -H "Cache-Control: max-age=315576000" -H "If-Modified-Since: Thu, 07 Jan 2021 22:05:31 GMT" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1" -H "Pragma: no-cache" -H "Cookie: yolo=123" -H "Referer: https://www.example.org/" -H "Accept-Encoding: gzip" -H "Proxy-Connection: keep-alive" -H "Accept: */*" -H "Accept-Language: en-CA" -H "Host: %HOSTIP:%HTTPSPORT" --user-agent "Client with unsorted headers" https://%HOSTIP:%HTTPSPORT/%TESTNUMBER
+</command>
+</client>
+
+<verify>
+<protocol>
+GET /%TESTNUMBER HTTP/1.1\r
+Host: %HOSTIP:%HTTPSPORT\r
+User-Agent: Client with unsorted headers\r
+Accept: */*\r
+Accept-Language: en-CA\r
+Accept-Encoding: gzip\r
+Referer: https://www.example.org/\r
+Cookie: yolo=123\r
+DNT: 1\r
+Pragma: no-cache\r
+Upgrade-Insecure-Requests: 1\r
+If-Modified-Since: Thu, 07 Jan 2021 22:05:31 GMT\r
+Cache-Control: max-age=315576000\r
+Origin: https://www.privoxy.org/\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTPS
+HTTP GET
+</keywords>
+</info>
+
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 22 Jul 2010 11:22:33 GMT
+Content-Length: 9
+
+Blafasel
+</data>
+</reply>
+
+<proxy-reply>
+<data>
+HTTP/1.1 200 Connection established
+
+HTTP/1.1 200 OK
+Date: Thu, 22 Jul 2010 11:22:33 GMT
+Content-Length: 9
+Connection: close
+
+Blafasel
+</data>
+</proxy-reply>
+
+<client>
+<features>
+SSL
+</features>
+<server>
+https
+</server>
+<name>
+HTTP client header order 3 through https. Only a few headers to sort.
+</name>
+<command>
+--insecure https://%HOSTIP:%HTTPSPORT/%TESTNUMBER
+</command>
+</client>
+
+<verify>
+<protocol>
+GET /%TESTNUMBER HTTP/1.1\r
+Host: %HOSTIP:%HTTPSPORT\r
+User-Agent: curl/%VERSION\r
+Accept: */*\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+<testcase>
+<info>
+<keywords>
+HTTPS
+HTTP GET
+</keywords>
+</info>
+
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 22 Jul 2010 11:22:33 GMT
+Content-Length: 9
+
+Blafasel
+</data>
+</reply>
+
+<proxy-reply>
+<data>
+HTTP/1.1 200 Connection established
+
+HTTP/1.1 200 OK
+Date: Thu, 22 Jul 2010 11:22:33 GMT
+Content-Length: 9
+Connection: close
+
+Blafasel
+</data>
+</proxy-reply>
+
+
+<client>
+<server>
+https
+</server>
+<name>
+HTTP client header order 4. Left over headers.
+</name>
+<command>
+--insecure -H "Bum: Tschaka" -H "Blafasel: Die da" -H "Origin: https://www.privoxy.org/" -H "Cache-Control: max-age=315576000" -H "If-Modified-Since: Thu, 07 Jan 2021 22:05:31 GMT" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1" -H "Pragma: no-cache" -H "Cookie: yolo=123" -H "Referer: https://www.example.org/" -H "Accept-Encoding: gzip" -H "Proxy-Connection: keep-alive" -H "Accept: */*" -H "Accept-Language: en-CA" -H "Host: %HOSTIP:%HTTPSPORT" --user-agent "Client with unsorted headers" https://%HOSTIP:%HTTPSPORT/%TESTNUMBER
+</command>
+</client>
+
+<verify>
+<protocol>
+GET /%TESTNUMBER HTTP/1.1\r
+Host: %HOSTIP:%HTTPSPORT\r
+User-Agent: Client with unsorted headers\r
+Accept: */*\r
+Accept-Language: en-CA\r
+Accept-Encoding: gzip\r
+Referer: https://www.example.org/\r
+Cookie: yolo=123\r
+DNT: 1\r
+Pragma: no-cache\r
+Upgrade-Insecure-Requests: 1\r
+If-Modified-Since: Thu, 07 Jan 2021 22:05:31 GMT\r
+Cache-Control: max-age=315576000\r
+Origin: https://www.privoxy.org/\r
+Bum: Tschaka\r
+Blafasel: Die da\r
+\r
+</protocol>
+</verify>
+</testcase>
--- /dev/null
+{+https-inspection +ignore-certificate-errors}
+/
--- /dev/null
+listen-address 127.0.0.1:9119
+
+ca-directory ../ca-directory
+ca-cert-file privoxy-test-cacert.crt
+ca-key-file privoxy-test-cakey.pem
+ca-password blafasel
+# We don't check certificate anyway
+trusted-cas-file privoxy-test-cacert.crt
+
+certificate-directory ../certs
+
+client-header-order Host User-Agent Accept Accept-Language Accept-Encoding \
+ Proxy-Connection Referer Cookie DNT Connection \
+ Pragma Upgrade-Insecure-Requests If-Modified-Since \
+ Cache-Control Content-Length Origin Content-Type
+
+actionsfile ./https-inspection.action
+
+debug 1 # Log the destination for each request Privoxy let through. See also debug 1024.
+debug 2 # show each connection status
+debug 4 # show tagging-related messages
+debug 8 # show header parsing
+debug 32 # debug force feature
+debug 64 # debug regular expression filters
+debug 128 # debug redirects
+debug 256 # debug GIF de-animation
+debug 512 # Common Log Format
+debug 1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
+debug 4096 # Startup banner and warnings.
+debug 8192 # Non-fatal errors
+
projects / privoxy.git / commitdiff