Set HTTP proxy in Windows programmatically - winapi

I'm trying to see if it is possible to set HTTP proxy configuration programmatically from my C++/WinRT code. I found that one can get the current proxy configuration with NetworkInformation.GetProxyConfigurationAsync from UWP. But is it possible to change it?
My goal is to find a proxy server on the local network and set it up for Edge (or any other browser in the system) as the HTTP proxy. So, that afterward, for whoever is using a browser on that system, all requests would go through the proxy server.
I don't seek to use UWP or any application model in particular. Any way of achieving my goal (that described above) from C++ code would work.

Related

Jmeter Script recorder with Firefox not letting user bypass Authentication

I have an issue I'm facing which Jmeter Script recorder and Firefox browser in Windows 10.
I have managed to add a project in Jmeter with the Recorder template and imported the generated
Certificate into the Firefox browser and also changed the proxy settings to point to the port
I have in Jmeter Test script recorder (8888) by changing the proxy to manual configuration.
But when I start recording I get to a point in where I need to authenticate myself at a certain point in a webpage (a prompt showing up) and I also enter the correct credentials but it just keeps redirecting back to the prompt all over again so I can't bypass it.
Are there settings I should change in some of the Jmeter properties files?
I need to say that the computer I'm trying this with has proxy settings which are fixed and cant be changed when looking into wifi settings in control panel
JMeter provides HTTP Authorization Manager to deal with external authentication types like
basic HTTP
NTLM
Kerberos
So if you want to record the end-to-end flow you need to add properly configured HTTP Authorization Manager to your recording template test plan. The configuration details will differ depending on the server configuration, see Windows Authentication with Apache JMeter article for more details (you will need this setup in any case for replaying the recorded scripts)
Alternative solutions:
Disable proxy for this particular login request like:
Record all the steps including login - it will produce relevant HTTP Request samplers
Disable proxy
Perform login
Enable proxy
Continue recording
Use a 3rd-party recording solution like JMeter Chrome Extension

Can the Xamarin Android HTTP client be made to use the system proxy settings where present?

The xamarin android http client ignores system proxy settings !?? This old question prompted a number of people to answer how the proxy could be set directly, but I don't want to set it directly. I want to recover and use the system values, if present.
Does anyone have a neat way of doing this?

Play Framework serve HTTPS content

I am a newbie at play, and I am trying at least to use HTTPS on a login and sign up pages in order to have more security on sensitive user data.
I have a range of questions regarding this:
I have configured my play application to use https on the application.conf file with the https.port property. However in my development environment I cant seem to start the server with https capability unless I use the command: play -Dhttps.port=<port>
Why does this happen? I would think that I could use a dev.conf (right now is the application.conf) file in order to do this. Can't I start the server in dev mode while using this kind of settings specified on the configuration file?
Although I start the server with https capabilities, what is the correct way to use https on play? I already created a java key store that I use, and tried to redirect (from a controller) requests to a https url using redirect(securedIndexCall.absoluteURL(request, secure)). But it does not seem to work at least on my dev enviroment (localhost). The logs specify exceptions like:
java.lang.IllegalArgumentException: empty text
java.lang.IllegalArgumentException: invalid version format: M¥å/=<junk characters continue>
Should I use https on the whole application, or just securing the login and sign up requests is sufficient?
I feel the official documentation provided is rather insufficient and I am at a loss here trying to figure out how I should do this.
Any help would be really appreciated!
I agree with Fernando, I think it's easier to set up a front end web server. In my case I used Lighttpd and it was fairly straightforward to set up. I'd recommend:
Configure Lighttpd as per these instructions (at this stage, don't worry about HTTPS just get HTTP working): http://www.playframework.com/documentation/2.3.x/HTTPServer
Then configure HTTPS in Lighttpd: http://redmine.lighttpd.net/projects/1/wiki/HowToSimpleSSL. If you intend on buying an SSL certificate then there will be a few more options to set (e.g. intermediate certificate). The following page has more information: http://redmine.lighttpd.net/projects/1/wiki/Docs_SSL
Answers to your main questions:
1) Enabling HTTPS in Play
Yes, you have to explicitly say you want to use HTTPS when starting up
http://www.playframework.com/documentation/2.3.x/ConfiguringHttps
2) The "java.lang.IllegalArgumentException" error message
There might be an issue with the keystore. This SO article seems to discuss in more detail: Play framework 2.2.1 HTTPs fails on connection attempt
3) SSL for login page or whole app
Personally, I would go for the whole app. If you're taking the time to set up HTTPS I think you might as well cover the whole site. I guess there are slight performance overheads in running HTTPS but realistically it's not something you'd notice.
You should use a front end server for HTTPS, and use HTTPS for the whole application.
Please see Setting up a front end HTTP server and see the commented out nginx settings.

Tools for setting up Proxy Chain

We are trying to setup a chain of proxy server in our development system. We wanted to connect to a service through these proxies. The reason why we thought about proxy chaining is that there is no connectivity to the service from all the systems. So we thought we will run a proxy on one system, which will connect to a proxy on another system and so on.
Client ---> A (Proxy)--->B(proxy)---->Final destination
Could you please suggest some tools to achieve this? The service that we have is a SOAP based secured web service.
There is an open source application called ProxyChain for this, here is readme file for this project:
http://proxychains.sourceforge.net/howto.html
You can install as more as proxy chains you want using this open source software, you can configure it per your requirements. Also you can somehow use some port-forwarding. What is the client for SOAP requests? Is it a web or desktop application?

how to create a session with a proxy server

I have the following problem. I have an application (3rd party) that needs to connect to API via a proxy to request various data again and again. The application has a configuration section where the necessary details can be entered (the app then stores them in a config.ini file). However, one client doesn't like the proxy user/password to be stored in config files;
As I don't have access to the application's code, the simplest solution I can think of is something along the lines of a tunnel, i.e. write a simple app/script that would open a connection to the proxy, prompts the user for the username/password and then keep the connection open so that the application can access the proxy without needing username/password everytime. Is something like this possible? I mean I don't to create sort of full blown proxy that would sit between the app and the real proxy server, all I really want is something like a session so that once the IP is authorized to get through the proxy, the consequent requests go through as well.
I'd appreciate help and/or any suggestions for an alternate solution
p.s. the app is win32 only so the solution is for win32 only as well (ie no cygwin, etc.)
Thank you
Proxy credential caching typically works on a per-process basis, not a per-machine basis. So, having Application A make a request through the proxy rarely allows Application B to make a request without getting challenged.
If you can change the application's code, make a single request through the proxy using the desired credentials; e.g. make a HEAD request for your server's homepage. Most HTTP stacks (e.g. WinINET) will cache the proxy credentials for the life of the process.

Resources