The old official web proxy of TitaniumNetwork.
Succeeded by Ultraviolet. Successor to Alloy.
- Corrosion
- Installation
- Basic Example
- Public Deployment Example
- Advanced Configuration
- Middleware
- Contributing
- Todo
npm i corrosion const Corrosion = require('corrosion'); const proxy = new Corrosion(); const http = require('http') http.createServer((req, res) => proxy.request(req, res) // Request Proxy ).on('upgrade', (req, socket, head) => proxy.upgrade(req, socket, head) // WebSocket Proxy ).listen(80);Access a website by going to /prefix/gateway?url=URL.
Much more in depth one is in the demo folder.
For implementing a Corrosion server into your production website, we recommend you follow the below configuration.
index.html
<!DOCTYPE html> <html> <head> <style> body { text-align: center; } </style> </head> <body> <form action="/get/gateway/" method="POST"> <input name="url" placeholder="Search the web"> <input type="submit" value="Go"> </form> </body> </html>index.js
// https here is necesary for some features to work, even if this is going to be behind an SSL-providing reverse proxy. const https = require('https'); const fs = require('fs'); const path = require('path'); const Corrosion = require('corrosion'); // you are free to use self-signed certificates here, if you plan to route through an SSL-providing reverse proxy. const ssl = { key: fs.readFileSync(path.join(__dirname, '/ssl.key')), cert: fs.readFileSync(path.join(__dirname, '/ssl.cert')), }; const server = https.createServer(ssl); const proxy = new Corrosion({ codec: 'xor', // apply basic xor encryption to url parameters in an effort to evade filters. Optional. prefix: '/get/' // specify the endpoint (prefix). Optional. }); proxy.bundleScripts(); server.on('request', (request, response) => { if (request.url.startsWith(proxy.prefix)) return proxy.request(request, response); response.end(fs.readFileSync(__dirname + '/index.html', 'utf-8')); }).on('upgrade', (clientRequest, clientSocket, clientHead) => proxy.upgrade(clientRequest, clientSocket, clientHead)).listen(8443); // port other than 443 if it is needed by other software.In the same directory in which you saved the above files, generate some self-signed SSL certificates.
root@corrosion:~$ openssl req -nodes -new -x509 -keyout ssl.key -out ssl.cert Run the server to ensure everything is working.
root@corrosion:~$ node index.js &; cpid=$! root@corrosion:~$ curl -k "https://localhost:8443/get/hvtrs8%2F-ezaopne%2Ccmm" <html> <head> <title>Example Domain</title> ... user@corrosion:~$ kill $cpid Now, you can setup this server to run as a service. Two popular options are PM2 (tailored for NodeJS applications) and systemd.
root@corrosion:~$ npm i pm2 -g root@corrosion:~$ pm2 start index.js root@corrosion:~$ pm2 startup root@corrosion:~$ pm2 save [Unit] Description=Corrosion After=network-online.target Wants=network-online.target systemd-networkd-wait-online.service StartLimitIntervalSec=500 StartLimitBurst=5 [Service] Restart=on-failure RestartSec=5s WorkingDirectory=/root/corrosion/path/to/server ExecStart=/usr/bin/env node index.js [Install] WantedBy=multi-user.target Save the above in /lib/systemd/system/corrosion.service
root@corrosion:~$ chmod 644 /lib/systemd/system/corrosion.service root@corrosion:~$ systemctl daemon-reload root@corrosion:~$ systemctl start corrosion root@corrosion:~$ systemctl enable corrosion Setup the Nginx reverse proxy to serve Corrosion and certbot to obtain Letsencrypt certificates.
root@corrosion:~$ apt install -y nginx python3 python3-venv libaugeas0 root@corrosion:~$ python3 -m venv /opt/certbot/ root@corrosion:~$ /opt/certbot/bin/pip install --upgrade pip root@corrosion:~$ /opt/certbot/bin/pip install certbot certbot-nginx root@corrosion:~$ ln -s /opt/certbot/bin/certbot /usr/bin/certbot Now, create the following Nginx config in /etc/nginx/sites-enabled/corrosion. All of the header options are important and necesary.
server { root /var/www/path/to/webroot; server_name your.domain.com; location / { proxy_set_header Accept-Encoding ""; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host:$server_port; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_pass https://127.0.0.1:8443; # the port it's listening on proxy_http_version 1.1; proxy_set_header Host $host; } listen 80; } Finally, get our Letsencrypt certificates and restart nginx!
root@corrosion:~$ certbot --nginx -d <your domain> root@corrosion:~$ systemctl restart nginx Your site should be working now. If you want to add a custom frontend to make it usable, you should expand the index.js to serve your frontend. This can be easily integrated with Express and other NodeJS webserver frameworks. See some examples of proxy frontends that use Corrosion.
{ 'prefix': '/get/', // String - URL Prefix 'title': 'Woah Corrosion', // (Boolean / String) - Title used for HTML documents 'ws': true, // Boolean - WebSocket rewriting 'cookie': true, // Boolean - Request Cookies 'codec': 'base64', // String - URL encoding (base64, plain, xor). 'requestMiddleware': [Corrosion.middleware.address([0.0.0.0])] // Array - Array of [middleware](../README.md#middleware) functions for proxy request (Server). 'responseMiddleware': [myCustomMiddleware()] // Array - Array of [middleware](../README.md#middleware) functions for proxy response (Server). 'standardMiddleware': true // Boolean - Use the prebuilt [middleware](../README.md#middleware) used by default (Server). }Middleware are functions that will be executed either before request or after response. These can alter the way a request is made or response is sent.
function(ctx) {r ctx.body; // (Request / Response) Body (Will return null if none) ctx.headers; // (Request / Response) Headers ctx.url; // WHATWG URL ctx.flags; // URL Flags ctx.origin; // Request origin ctx.method; // Request method ctx.rewrite; // Corrosion object ctx.statusCode; // Response status (Only available on response) ctx.agent; // HTTP agent ctx.address; // Address used to make remote request ctx.clientSocket; // Node.js Server Socket (Only available on upgrade) ctx.clientRequest; // Node.js Server Request ctx.clientResponse; // Node.js Server Response ctx.remoteResponse; // Node.js Remote Response (Only available on response) };-
Request
- requestHeaders
-
Response
- responseHeaders
- decompress
- rewriteBody
arrArray of IP addresses to use in request.
const Corrosion = require('corrosion'); const proxy = new Corrosion({ requestMiddleware: [ Corrosion.middleware.address([ 0.0.0.0, 0.0.0.0 ]), ], });arrArray of hostnames to block clients from seeing.pageBlock page.
const Corrosion = require('corrosion'); const proxy = new Corrosion({ requestMiddleware: [ Corrosion.middleware.blacklist([ 'example.org', 'example.com', ], 'Page is blocked'), ], });See something lacking in Corrosion that you can fix? Fork the repo, make some changes, and send in a pull request.
- Code readability/commenting
- Documentation (wiki)
- JS Rewriter
- Uniform error codes
- JS Rewriter: Inject header properties (due to import statements).