...
- Web Proxy: Web Proxy can be viewed as a simple transformation type where the end output is similar to the input. Web proxy might still be subject to a content transformation pipeline that includes HTML validation, content clipping, etc. This pipeline might use HttpClient and OWASP AntiSamy.
- XSLT: Transform source XML using an XSLT.
- JSON: Deserialize JSON using the Jackson Library into a Java Map object, then transform into HTML using the configured Spring view name.
Technology
- SpringMVC
- HttpClient HttpClient4 for requesting remote content
- OWASP AntiSamy for validating remote content
- NekoHTML for parsing HTML into processable SAX events
- Jackson for JSON deserialization
- ? Standard JDK classes for XSLT transformation
Features
- Delegated authentication, including form-based credential replay, proxy-CAS, and delegated SAML.
- Proxying of web resources, including CSS and images
- HTML Clipping
- Support regex-y whitelist of URLs to be proxied
- Actual re-written URLs should be tracked in session to prevent exploiting poorly written whitelists and turning them into proxy vulnerabilities
- Ability to load source content from the filesystem in addition to requesting remote web content
- Mechanism for adding user attributes / other interesting dynamic parameters to initial URL
- Optionally cache content and persist cookies in a database
- Ability to add HTTP headers