Hey Go Forums! This is my first post, so apologies if it’s off-topic or off-tone
I wrote proxydial recently to help write secure web-proxies in Golang. One of the biggest vulnerabilities in web-proxies is accidentally providing privilege escalation: the proxy is inside your data-center, and has access to internal services that the external internet would not normally be able to access. (see this post-mortem)
To avoid this, you can use a proxydial.Dial when making http requests. This will block access to internal network resources, and also to other “unsafe” places (like non-standard ports).
I’d love your feedback, particularly if you think there’s a bug in the code, or if you find a use for it
Hey there. While I don’t have a need for it, the package is clean and very well documented. I also think that the idea of whitelisting/blacklisting connections is quite compelling.
That said, I don’t quite understand the context. If an attacker takes ownership of the proxy, what prevents them from changing the package variables with the blacklist, to allow connections to their victim hosts? I guess that if you’re assuming the proxy is used by the attacker but that they don’t own it, then it makes sense.
Yeah! The use case is if you’re proxying arbitrary http requests (for the Superhuman email client we needed to proxy images loaded from 3rd party domains). Because an attacker can control which URLs get requested, we need to make sure that they couldn’t request internal services (as described here) but only make requests to the public internet.
