
How to modify HTTPS traffic in Google Chrome using Node.js?


As the title asks. Of course, I am not doing this for illegal purposes.

For example, I have a link: https://example.com/inj.php. The result I get is, for example:

    <h1>Hello world</h1>

How can I fix it using only nodejs code?

    <h1>Hello world</h1>
    <h2>inject</h2>

Solution

  • I think you need to create a proxy, and that device needs to install and configure your self-signed CA. I wrote a library for personal use; it works pretty well.

    npm i pms-proxy
    

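    For your question above, it can be written as:

    import * as path from 'path';
    import * as child_process from 'child_process';
    // Names as used in this answer; assumed to be exported from the package root.
    import { PPCa, PPCaFileOptions, PPServerProxy, PPPassThroughHttpHandler } from 'pms-proxy';

    async function main() {
        // Generate a CA certificate and the SPKI fingerprint of that certificate.
        const https = await PPCa.generateCACertificate();
        const spki = PPCa.generateSPKIFingerprint((<PPCaFileOptions>https).cert);
        // Dedicated Chrome profile: the SPKI switch has no effect without --user-data-dir.
        const userData = path.join('C:/test-chrome');

        const server = new PPServerProxy({https});

        // Pass the request through and append markup to the response body.
        const pass = new PPPassThroughHttpHandler();
        pass.injectBuffer((req, buffer) => {
            return {
                data: buffer.toString() + "<h2>inject</h2>"
            };
        });
        server.addRule().url('https://example.com/inj.php').then(pass);

        await server.listen(1234);

        // Launch Chrome (Windows `start`) through the proxy; certificate errors
        // are ignored only for the key whose SPKI hash is listed.
        child_process.exec(
            `start chrome --proxy-server="http://127.0.0.1:1234" --ignore-certificate-errors-spki-list="${spki}" --user-data-dir="${userData}"`
        );
    }

    main().catch(console.error);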
    

    If you don't want to use the SPKI fingerprint, you can create a self-signed CA; follow the README in the package: https://www.npmjs.com/package/pms-proxy
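
The Chrome launch in the answer above leaves a recognizable command line: a loopback `--proxy-server` together with a switch that relaxes certificate validation. The following is an added example, not part of the original answer or of pms-proxy, that classifies process command lines on that basis; the function names, the verdict labels, the `chrome`/`chrome.exe` image-name check and the sample events are assumptions constructed for illustration.

```javascript
// Added example. SAMPLE_EVENTS at the bottom is constructed data, not real telemetry.
const LOOPBACK = new Set(['127.0.0.1', 'localhost', '[::1]']);

// Split a command line on whitespace, treating "double quoted" runs as one token.
function tokenize(cmdline) {
  const tokens = [];
  let cur = '', inQuotes = false;
  for (const ch of cmdline) {
    if (ch === '"') inQuotes = !inQuotes;            // quotes group text, are not kept
    else if (/\s/.test(ch) && !inQuotes) { if (cur) tokens.push(cur); cur = ''; }
    else cur += ch;
  }
  if (cur) tokens.push(cur);
  return tokens;
}

// Return { verdict, flags } for one process command line.
function analyzeChromeLaunch(cmdline) {
  const [image = '', ...args] = tokenize(cmdline);
  if (!/(^|[\\/])chrome(\.exe)?$/i.test(image)) return { verdict: 'not-chrome', flags: {} };
  const flags = {};
  for (const arg of args) {
    if (!arg.startsWith('--')) continue;             // skip URLs and other positionals
    const eq = arg.indexOf('=');
    flags[eq < 0 ? arg : arg.slice(0, eq)] = eq < 0 ? '' : arg.slice(eq + 1);
  }
  const tlsWeakened = '--ignore-certificate-errors' in flags ||
                      '--ignore-certificate-errors-spki-list' in flags;
  const raw = flags['--proxy-server'] || '';
  let localProxy = false;
  if (raw) {
    try {                                            // Chrome also accepts bare host:port
      localProxy = LOOPBACK.has(new URL(raw.includes('://') ? raw : `http://${raw}`).hostname);
    } catch { /* unparsable proxy value: keep localProxy false */ }
  }
  const verdict = tlsWeakened && localProxy ? 'local-interception'
                : tlsWeakened ? 'tls-validation-weakened'
                : raw ? 'explicit-proxy' : 'clean';
  return { verdict, flags };
}

const SAMPLE_EVENTS = [ // constructed command lines
  '"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --proxy-server="http://127.0.0.1:1234" --ignore-certificate-errors-spki-list="<constructed-spki-hash>" --user-data-dir="C:/test-chrome"',
  'chrome.exe --ignore-certificate-errors https://example.com/',
  'chrome.exe --proxy-server=proxy.corp.example:3128',
  '"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --profile-directory="Default"',
  'notepad.exe --ignore-certificate-errors',
];
const sampleVerdicts = () => SAMPLE_EVENTS.map((e) => analyzeChromeLaunch(e).verdict);
```

`sampleVerdicts()` returns one verdict per sample line; only the first, which mirrors the launch command from the answer, is classified as `local-interception`.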