Research on Android proxy automatic configuration PAC

The environment

  • Mi 6 MIUI9.2 Android7.1.1
  • MacOS 10.13.3
  • Charles 4.0.2

What is the PAC

PAC, full name Proxy Auto Config, Chinese name Proxy automatic configuration. Pacs are like configuration files through which the browser or other UA can configure proxy services for each URL, such as this URL to go through this proxy, that URL to go through that proxy, etc.

A simple PAC example

Simplest PAC example:

function FindProxyForURL(url, host) {
    return "The PROXY 172.18.104.54:8888; DIRECT";
}
Copy the code

The PAC configuration is simple, specifying that all traffic must go to agent 172.18.104.54:8888. If the agent is down, connect directly to the agent without going to agent.

Here’s a simpler PAC:

function FindProxyForURL(url, host)
{
    if (host == "www.mydomain.com") {
        return "DIRECT";
    }
    
    return "PROXY myproxy:80; PROXY myotherproxy:8080; DIRECT";
}
Copy the code

The PAC script above is also relatively simple, roughly meaning is: www.mydomain.com traffic directly go, do not go agent; Myproxy :8080 is the default proxy for traffic other than www.mydomain.com. Myproxy :80 is the default proxy for traffic other than www.mydomain.com. Myotherproxy :8080 is the default proxy for traffic other than www.mydomain.com. That is sorry, Lao Tze does not walk agent, direct naked connect bar ~

How to write the PAC

0. Some basics of PAC

A PAC is essentially a text file, but usually ends with.pac, such as proxy.pac. The PAC file contains a JavaScript function, FindProxyForURL(URL, host), which returns a string that is the configuration of the proxy. The function takes two arguments: url, which is the full url to browse to, and host, which is the hostname part of the URL.

The entire PAC file contains a function called FindProxyForURL(url, host), which may return one of three values:

  1. DIRECT, is directly connected, not through the proxy
  2. PROXY http://www.example.com:8080, the HTTP proxy host and port, specifying the proxy server address and port number
  3. SOCKS socks5sample.com:1080, socks5 proxy host and port, the host can also be represented by IP

An automatic agent can be a combination of multiple choices, separated by a semicolon; Separate, PAC disaster is better, because you can configure multiple proxies to a URL at the same time, separated by semicolons, if the first proxy hangs, will automatically select the second; If the second fails, the third…… continues automatically

1. Some functions of PAC

  1. IsPlainHostName (host) : Checks whether it is a local host
  2. DnsDomainIs (host,domain) localHostOrDomainIs(host, “”) : checks whether the accessed host belongs to a domain or a domain name
  3. IsInNet (host, subnet1, subnet2) : specifies whether the access IP address is in a subnet
  4. ShExpMatch (host, “”) : matches the host name
  5. Url.substring (0,n) : String interception
  6. MyIpAddress () : indicates the local IP address

2. List of functions supported by PAC

Complete the PAC support function list, we can see here: http://findproxyforurl.com/pac-functions/

How to configure PAC on Mi 6 to realize Charles packet capture

1. Implement a simple PAC script

My local IP is 172.18.104.54, and I need Charles to capture packets, so the port number is 8888, hence the following three-line PAC script:

function FindProxyForURL(url, host) {
    return "The PROXY 172.18.104.54:8888; DIRECT";
}
Copy the code

2. Upload the script to the public network server

Will save the script as proxy. Pac, uploaded to my public servers, can be accessed by http://121.42.Xx.Xx:8080/proxy.pac

3. Configure PAC for Mi 6

  • Connect the Mi 6 and Mac to the same WiFi hotspot, and then configure the Mi 6 agent

  • Click the arrow on the right in the red circle to enter the configuration page

  • Click in the red circle aboveThe agent, select agent automatic configuration

  • Enter the PAC url, as abovehttp://121.42.Xx.Xx:8080/proxy.pacClick OK in the upper right corner of the page
  • Finally, open Charles, mi 6. Visit the Internet casually, such as open a browser or something, and Charles may pop up a window, selected by defaultDeny.AccessCan be
  • The proxy has been automatically configured and you can use Charles to capture packets

Looking forward to

In the previous section, we implemented agent auto-configuration, but what if we had to do it every time? However, since the PAC configuration file is a remote configuration file, it can be modified dynamically by configuring the automatic proxy once and modifying the PAC file later. Still, isn’t it troublesome? I thought it would be nice to implement a Mac status bar application that would easily edit and then modify the contents of the remote PAC configuration file so that you could easily edit the proxy and switch between multiple proxy configurations. Of course, these are all for the future, after all, this thing is still only an idea, not yet done ~

The resources

  • PAC script writing
  • Wikipedia Proxy auto-config