public bool BeforeRequest(Session session, Rule rule) { // HTTPS Everywhere: https://www.eff.org/https-everywhere if (!session.isHTTPS && session.port != 443) { var host = new Uri(session.fullUrl).Host; foreach (var ruleset in Rulesets) { if (ruleset.MatchRule != null) { if (!ruleset.MatchRule.IsMatch(session.fullUrl)) { continue; } } if (ruleset.Exclusions.Any(ex => ex.IsMatch(session.fullUrl))) { continue; } if (ruleset.Targets.Any() && !ruleset.Targets.Any(t => t.IsMatch(host))) { continue; } foreach (var rulesetRule in ruleset.Rule) { if (!rulesetRule.From.IsMatch(session.fullUrl)) { continue; } var secureUrl = rulesetRule.From.Replace(session.fullUrl, rulesetRule.To); // So here we are checking for a redirect loop, if we get 10 redirects in a row in 30 seconds then we need to drop back to HTTP. lock (RedirectLocker) { if (RedirectCounter.Any() && RedirectCounter.Last().Item1 == session.fullUrl) { if (RedirectCounter.Count > 5 && (RedirectCounter.Max(t => t.Item3) - RedirectCounter.Min(t => t.Item3)).TotalSeconds < 30) { RuleLog.Current.AddRule( rule, session, String.Format("HttpsEverywhere (Failed): {0} ({1})", ruleset.Name, session.hostname)); return true; } } else { RedirectCounter.Clear(); } RedirectCounter.Add(Tuple.Create(session.fullUrl, secureUrl, DateTime.UtcNow)); } if (this.FakeHttps) // BUG: This doesn't really work at the moment. { return !session.OverrideRequest(secureUrl); } rule.ResponseLog.FireEvent(session, new ResponseSummaryEventArgs { FullUrl = session.fullUrl, Referer = (session.oRequest["Referer"].HasValue() ? session.oRequest["Referer"] : "None"), ResponseCode = 302, ResponseCodeText = "302 Moved to SSL Connection", Length = 0 }); session.RedirectSession(secureUrl, false); RuleLog.Current.AddRule( rule, session, String.Format("HttpsEverywhere: {0} ({1})", ruleset.Name, session.hostname)); return false; } } } return true; }
/// <summary> /// Action to run once the response has been received. /// </summary> /// <param name = "session">The fiddler session object.</param> /// <param name = "rule">The current rule being executed.</param> /// <returns> /// false to terminate any further response actions, or true to continue. /// </returns> public bool OnResponse(Session session, Rule rule) { if (session.oResponse.headers[ResponseHeaderName].HasValue()) { var headerElements = ParseResponseHeader(session.oResponse.headers[ResponseHeaderName]); var altUrl = GetAlternateContentUrl(headerElements, new Uri(session.fullUrl)); if (this.IsBelowRestrictedAge(headerElements)) { if (altUrl.HasValue()) { session.RedirectSession(altUrl, false); } else { session.oRequest.FailSession(403, "Restricted By Age", "Request blocked due to the rule: " + rule.Name); return false; } } else if (this.IsBelowRecommendedAge(headerElements)) { if (altUrl.HasValue()) { session.RedirectSession(altUrl, false); } } } return true; }