Conditional Reverse Proxy to Localhost

It’s possible I’m going to win an award for being the #1 scrub here on the mitmproxy forums but here I go.

Environment
I set up mitmproxy on my mac, installed the certificate, and used the system proxy settings to route all http and https traffic through the mitmproxy port on regular mode.

I want to intercept https requests of a singular host and depending on the path, either serve the response from a local file, or pass it on to the regular server. I don’t think I can use a reverse proxy here because I don’t want all of the requests from the host to be served locally, only some of them.

I wrote a simple redirect script and plugged it into mitmproxy and hit my host with postman to test.

from mitmproxy import http
def request(flow: http.HTTPFlow) -> None:
    if flow.pretty_host == "js.mywebsite.com" and "redirect" in flow.path:
        flow.host = "localhost"
        flow.port = 9999
        flow.scheme = "http"

I have a simple python server on port 9999 serving local files.

Anyway, so if I make a postman request to http://js.mywebsite.com/redirect, everything is fine.

But if I make that same request as https, I see that my python file server is hit and returns the correct data, and even in the mitmproxy terminal i see a response that has the data from the file. But the initial request from postman just craps the bed.

I think that I’m missing some vital piece of information about security principles in general, so I’m sorry if I’m trying to do the impossible. But I thought that mitmproxy would create a certificate for js.mywebsite.com and return the local data over https and everything would work fine. Guess I’m missing something.

Any help would be appreciated, thanks for reading.

Hm… this particular combination (you see a request and a response in mitmproxy, but your client seems to fail) is quite unusual and may as well be a bug. Is there anything in mitmproxy’s event log? Does the client display any specific error? The only thing you change is HTTP → HTTPS between client and mitmproxy and it doesn’t work anymore?

Well, I change https -> http through the proxy. The request coming into js.example.com is of https scheme, and my local server that is just hosting files is http. So depending on the path (in my example, if it has ‘redirect’ in the path), then I serve from the local server over http.

I can try to get a giphy of my experience