On 02/22/2014 08:54 PM, Ximin Luo wrote:
On 22/02/14 04:08, David Fifield wrote:
- Run a second browser, apart from Tor Browser, that receives
commands from a client PT program and makes the HTTPS requests it is commanded to.
You might want to look at MozRepl. More summary here:
https://lists.torproject.org/pipermail/tor-dev/2013-November/005833.html
I told gsathya about this and he had a brief look during NYC and thought it was potentially feasible, but AFAIK we haven't done a complete analysis of this yet.
I have been working on this for a related project (with slightly different goals -- I need to drive TBB itself from automation). Unfortunately, MozRepl does *not* AFAICT expose any machine-friendly interface, just the telnet interface geared for humans. So I forked it and have been hacking up a strictly machine-oriented interface, here: https://github.com/zackw/firefox-puppeteer It's not even close to done, and the current design sketch (see the README) is extremely focused on my particular needs (e.g. use of ZeroMQ as wire protocol), but I'd be delighted to make it useful for more people than just me (especially if that comes with coding assistance ;-)
On the larger topic, looping network traffic back through the same process that originated it strikes me as asking for deadlocks, so I'd be inclined to go with (2) over (3) if it were me coding it. That said, in Firefox, extensions do have the ability to override the normal proxy settings, although it's a bit awkward (there doesn't appear to be a way to say "do _this HTTP request_ with no proxy", only "ignore what the prefs say if this function says so, for any URL"; but I could have missed something).
zw