From 635da9b1a6571ec6c0a8ae67d544b4e749c848f1 Mon Sep 17 00:00:00 2001 From: Barna Csorogi Date: Tue, 29 Mar 2016 13:21:37 +0200 Subject: [PATCH] update readme add description about pac files --- README.md | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 60e035a..7505c22 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,19 @@ To use the proxy over HTTPS, you will need a certificate for your host. If you d `openssl req -x509 -newkey rsa:2048 -nodes -keyout cert.key -out cert.crt -days 3650 -subj '/CN='` then visit the proxy url and confirm that you trust your own certificate +To connect to the proxy over tls, you will need to supply a PAC (proxy auto-config) file to the browser, as most of them do not expose this option to the UI directly. Example: +``` +function FindProxyForURL(url, host) { + if (url.substring(0, 5) == 'http:' || url.substring(0, 6) == 'https:') { + return "HTTPS :9999"; + } + return "DIRECT"; +} + +``` +This tells the browser to fetch http/https urls via the https proxy and for all other schemas (eg. websocket) connect directly. +Set the path to this file in the browser UI and you're good to go. + ### MitM To enable man-in-the-middle support, you will need to generate a root cert to sign all the certs generated by the proxy on the fly: `openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.crt -days 3650 -subj '/CN='` @@ -50,7 +63,7 @@ Probably the best option is to run it with both tls and mitm support, combining `compy -cert cert.crt -key cert.key -ca ca.crt -cakey ca.key` You can also specify the listen port (defaults to 9999): -`compy -host :9999`` +`compy -host :9999` For compression, transcoding and minification options, see `compy --help` @@ -58,7 +71,7 @@ For compression, transcoding and minification options, see `compy --help` Credits ------- -https://github.com/pixiv/go-libjpeg +https://github.com/pixiv/go-libjpeg https://github.com/tdewolff/minify