Http session in littleproxy

Question

How do we handle the http session in littleproxy? I read about couple of approaches where in which one can use HTTP cookies and other is HTTP authentication headers.

Does littleproxy supports cookie handling or does it support the authentication header and sends a challenge response 401 to the browser client?

Cookie approach on other hand depends on the web server. Until web server allocates it, it won't be available to the user/browser.

I need to implement a scenario where I need to track every user's interaction on HTTP proxy, and provide specific treatment to each user depending on its profile e.g. I may block or remove images from web page for a given user, but allow them for others. How do I differentiate the HTTP traffic generated by one user from another.

Answer 1

I think using cookies is a good idea, as they will be retained by the browser and sent back to the proxy with each request.

You will basically need to add a filter and check / insert cookies as required:

    return new HttpFiltersSourceAdapter() {
        @Override
        public HttpFilters filterRequest(HttpRequest originalRequest) {
            return new HttpFiltersAdapter(originalRequest) {

                @Override
                public HttpResponse requestPre(HttpObject httpObject) {
                    if (httpObject instanceof HttpRequest) {
                        // check the cookie here
                    }
                    return super.requestPre(httpObject);
                }

                @Override
                public HttpObject responsePre(HttpObject httpObject) {
                    if (httpObject instanceof HttpResponse) {
                        HttpResponse response = (HttpResponse) httpObject;
                        response.headers().set(HttpHeaders.Names.SET_COOKIE, ServerCookieEncoder.encode("Content", "Some"));
                        return response;
                    } 

                    return httpObject;
                }
            };
        }
    };