PHProxy is een in PHP geschreven http-proxy waarmee je firewalls en tussenliggende proxy's kan omzeilen zodat je toch je favoriete sites kan bezoeken wanneer deze op het werk, op school of in het internetcafe geblokkeerd worden. De proxy vereist een PHP-omgeving waar safe_mode uitgeschakeld is en een connectie naar het internet zodat je de webinterface van de proxy kan benaderen. De ontwikkelaar heeft na een lange tijd van stilte een tweede bètaversie uitgebracht van PHProxy 0.5. De aankondiging en lijst met veranderingen van PHProxy 0.5 beta 2 zien er als volgt uit:
The 0.5 beta is finally released. Refer to the Change Log attached with the download for changes. Please note that cookie managment has not been implemeted yet in the beta, but this shouldn't be a big issue. Valuable information is also provided in the README.txt, and the Bugs and Limitations section is especially useful. Please experiment with this release and report bugs and feedback to phproxy.support at gmail. Thank you for your continuous support.
And as always, the PHProxy demo is available at Grab: Web Circumventor
- Moved hotlinking prevention further down in the code
- upon_hotlink option 1 behavior changed to show the URL form using show_report() instead of a buggy HTTP redirect
- Default value for upon_hotlink is now 1 (show URL form page w/ error) instead of 2 (404 Error)
- Fixed XSS vulnerbility in the address box in index.inc.php (Thanks Ryan from http://proxy.gd)
- Removed .htaccess file because of "Internal Server Error" on several Apache installations
- Fixed "prev_dir" in url_parse(). It didn't show the Website's address if there were no "previous dirs" (Thanks Rayan)
- Reworked the script into a procedural programming code style instead of OO. Everything should be more streamlined and faster now.
- Reworked extraction and processing of HTTP response headers. Doesn't depend on regex as much as before.
- Flags are now encoded in base 16 instead of base 2.
- Merged banned_hosts, allowed_hosts into one "hosts" array with each entry being a seperate regex piece of code.
- Sped up HTML proxification decently by optimizing the regex
- Introduced new system for showing errors, reports, and forms. It doesn't depend on HTTP redirects as in 0.4 and below.
- Prevented more private networks from being allowed to be browsed through the proxy
- Entry form now uses POST instead of GET
- Added support for inline CSS proxification
- Added support for connections over SSL (requires PHP >= 4.3.0 and OpenSSL)
- Added support for compressing output using Zlib
- Added hotlinking protection, with options on what to do upon detecting hotlinking
- Added support for flag freezing (i.e. users cannot change the value of frozen flags)
- Added stripslashing for GPC for those with magic_quotes_gpc on
- Added support for P3P and various other response headers
- Fixed mini URL-form not being included on every HTML page
- Fixed issues with POST data
- Fixed the Host request header. The port is only added if necessary
- Fixed Referer request header. It should reflect the actual referer now
- Fixed max_file_size bug
- Fixed the "script_url" variable. It should reflect the port if necessary and whether it's https or not
- Improved file upload support
- Improved URL parsing. It's not perfect, but it's better than before.
- Improved Basic authentication. It also now supports multiple realms per domain and different ports on the same domain
- Improved the usability of URL forms
- Improved cookie support
- Improved URL error notifications
- Improved removal of scripts
- Improved handling of frames and iframes to not display URL forms. This is still extremely buggy however.
- Various other fixes and speed improvements