[Owasp-leaders] [Owasp-webscarab] OWASP Proxy

Rogan Dawes lists at dawes.za.net
Sun Dec 14 06:13:53 EST 2008

Nam Nguyen wrote:
> On Sun, 14 Dec 2008 10:20:35 +0100
> Stephen de Vries <stephen at twisteddelight.org> wrote:
>> Rogan wrote: 
>>> So, OWASP Proxy is intended to address these issues. It is a small  
>>> (45kB
>>> jar) library (not a stand-alone executable) that Java developers can  
>>> use
>>> when they need to add intercepting or logging proxy capabilities to
>>> their own programs.
> Do I hear re-usability? Lovely!

That's the idea!

>> Out of interest, will it be easy to strip out just the http client  
>> implementation from the OWASP Proxy library?  IMO, this could be very  
>> useful as the Apache HttpClient is really the only viable library  
>> available at the moment.  It would be nice to have an alternative  
>> that's more literal and doesn't try to fix requests.
> My bet is it is not the objective of OWASP Proxy, unless Rogan has another plan.

As you say, making *another* project is not really the objective.

> By the way, talking about WebScarab-NG, I would very much like to see
> support for SOCKS 4/5 proxy. Probably that can be factored into this
> OWASP Proxy library?

I'd like to include SOCKS support in the httpclient implementation. I
see that there is a Java SOCKS library which could be used for this, so
I'll give it a go and see how it works.


More information about the OWASP-Leaders mailing list