You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I propose introducing a "Proxy Mode" that allows rep-chrome to connect to a local mitmproxy instance. This would bypass current browser limitations (like forbidden headers and fetch() constraints) and allow users to write and run Python scripts to manipulate traffic directly from the DevTools panel.
The Problem
Currently, rep+ is limited by the Chrome extension sandbox:
Forbidden Headers: Certain headers cannot be modified via fetch().
Request Fidelity: No support for malformed requests or raw TCP-level testing.
Scripting: Users cannot leverage the massive Python ecosystem for complex traffic manipulation.
Proposed Solution: Hybrid Architecture
Instead of replacing the current engine, we could add an "Advanced Proxy" tab. This would work via a Hybrid Architecture:
Backend (Local): A companion script/binary (running mitmproxy) that handles the heavy lifting.
Frontend (rep-chrome): The DevTools UI acts as the Control Plane.
Communication: The extension communicates with the mitmproxy instance via WebSockets to stream logs and send configuration updates.
Key Features
Integrated Python Editor: Add a code editor (e.g., Monaco/CodeMirror) in a new tab within rep-chrome to write mitmproxy addons.
One-Click Proxy Toggle: Use the chrome.proxy API to automatically route browser traffic through the local mitmproxy instance (usually port 8080).
Hot-Reloading: When a user edits a Python script in DevTools and hits "Apply," the extension pushes the code to the backend to update traffic rules instantly.
Full Header Control: Ability to modify Cookie, Host, and User-Agent headers without browser interference.
Why this fits rep+
rep+ is already the go-to for quick testing and replaying. By adding an optional proxy integration, it bridges the gap between a "lightweight extension" and a "full-scale interceptor" like Burp Suite or Caido, all while keeping the user inside the Chrome DevTools environment.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
rep+
Uh oh!
There was an error while loading. Please reload this page.
-
Summary
I propose introducing a "Proxy Mode" that allows rep-chrome to connect to a local mitmproxy instance. This would bypass current browser limitations (like forbidden headers and fetch() constraints) and allow users to write and run Python scripts to manipulate traffic directly from the DevTools panel.
The Problem
Currently, rep+ is limited by the Chrome extension sandbox:
Proposed Solution: Hybrid Architecture
Instead of replacing the current engine, we could add an "Advanced Proxy" tab. This would work via a Hybrid Architecture:
Key Features
Why this fits rep+
rep+ is already the go-to for quick testing and replaying. By adding an optional proxy integration, it bridges the gap between a "lightweight extension" and a "full-scale interceptor" like Burp Suite or Caido, all while keeping the user inside the Chrome DevTools environment.
Beta Was this translation helpful? Give feedback.
All reactions