Overview of WebOne - atauenis/webone GitHub Wiki

The WebOne Proxy Server is a HTTP 1.1 server that receives requests from classic Internet browsers, then makes a new request to requested remote server (using HTTPS 1.1/2.0/3.0 and all security things) and returns the requested content with adaptations need to display it in "elderly" browser.

Few tens years ago all access to WWW in some networks was made through proxies (gateways). So now this network architecture is back, but for help older systems interact with modern Internet.

HTTPS decrypting to HTTP 1.1

Nowadays almost all Web servers are working over secure HTTPS protocol with 256-bit TLS 1.2/1.3 encryption. But many older Web browsers and software cannot work with this encryption. For them, WebOne is able to accept HTTP 1.0 incoming traffic, then made a request to remote server via HTTP or HTTPS, and return content over plain HTTP.

HTTPS cipher downgrade

WebOne can also accept incoming HTTPS-Proxy connections (aka HTTP CONNECT method), and work via pseudo-HTTPS. In this mode the proxy server is decrypting TLS 1.2/1.3 tunnel and re-encrypting it to SSL 3.0 tunnel suitable for older software. The limitation is that real certificates are lost, and a fake certificate issued by proxy server is used to sign the SSL traffic.

This feature is available in WebOne v0.16 and up. Supported ciphers include:

  • Ssl2 with Rc4 128-bit, Md5 128-bit
  • Ssl3 with TripleDes 168-bit, Sha1 160-bit
  • Tls with Aes256 256-bit, Sha1 160-bit
  • Tls12 with Aes256 256-bit, Sha1 160-bit
  • Test environment: server - Win8.1, clients - Netscape 3, Firefox 3.6, MSIE 5.01.

Traffic adaptations

All HTTP traffic from browser is sent to real HTTP and HTTPS servers. If the server can't work in insecure mode, the Proxy retries the request in HTTPS mode. But for client it continues to look like the protocol (regular HTTP 1.0) hasn't changed. So all sites being available again via classic "insecure" HTTP protocol. If the client browser is accessing an URL with https:// protocol, WebOne will establish secure connection with self.

Because cookies and some headers for HTTPS 1.1/2.0 have slightly different format than for classic HTTP, they are gets edited to HTTP 1.0 syntax, otherwise browsers will reject them.

Client user-agent too gets modified by the Proxy by adding WebOne/X.Y.Z suffix, so server can detect the proxy and understand that the old browser is not as dumb as it was in the 1990s.

Proxy authentication

WebOne is ready to be used on public hosts. To prevent unauthorized use of it there are possible to enable password-based proxy authentication. If it is enabled, the browser will ask you for password before allowing use of the proxy. So the proxy server will not be used to post spam or by kids.

Content editing

All content that are text-based (like HTML, CSS, JS) being edited by WebOne. Binary files are transferred pass-through as is. List of MIME types of content which should be touched by content editing is set in TextTypes configuration file option.

Some sites or internet applications to display and work correctly in old browsers require manual editing of some content using something like "find and replace" function of text editors. For such cases the proxy can apply all required Sets of edits.

Code page conversion

If OutputEncoding option is set to AsIs, the content encoding (code page) aren't changing. Most of modern web is encoded in UTF-8. But if you want to use non-UTF-aware browser, WebOne can convert text content to any available encoding. Even alphabet transliteration is available for really old browsers without non-Latin letter support.

Default WebOne configuration defines automatic converting UTF-8 to classic code pages for all historical browsers without UTF-8 support.

All content from remote servers is downloaded by WebOne using encoding said in Content-type header or by finding Byte Order Mark. But for servers with invalid UTF-8 content you may set forced downloading using selected code page in webone.conf. Currently it's ForceUtf8 section but probably it will be changed in later nightly builds

Content replacing using 302 Redirections

To replace some linked content on pages or to use archived copy of some URLs instead of real web it is possible to use Edit Sets with AddRedirect rule.

Automatic loading of archived copy of dead sites

In case of unavailability of the site due to content removal (on Server Not Found or 404 errors), WebOne tries to get the content from Internet Archive Wayback Machine. If there are chances to see something, browser gets an redirection to archived copy. This behavior may be enabled or disabled via SearchInArchive option.

Older browsers cannot correctly display "Wayback Machine doesn't have that page archived" messages from Internet Archive. For them there are possibility to replace the message with built into WebOne. To disable 404 message replacing, unset ShortenArchiveErrors option.

File format converting

Because older browsers cannot correctly display pictures in WebP and PNG formats, WebOne can convert them to acceptable picture formats like GIF or even XBM. This feature also can be used to convert video files, if the Proxy is running on a fast modern machine with fast Internet connection. All format converting things is configured via Edit Sets with OnContentType detection rule (syntax).

Playing YouTube videos

WebOne also makes possible to watch videos from YouTube and some other online video services. The Retro Online Video Player can even convert codecs to make the video compatible with older players (such as Flash plugin or Windows Media 6.4 plugin) and slow PCs. See YouTube playback article for details.

Other protocols support

All HTTPS proxies by the protocol are able to work with other protocols, such as IRC/IRCS, MSN Messenger or FTP. For them, a HTTPS proxy such as WebOne is establishing a TCP tunnel to remote server. Just like other SSL downgrade software, such as ProxHttpsProxyMII, WebOne can change encryption algorithm used in tunnel from TLS 1.3 to TLS 1.0 or SSL 3.0.

The list of supported applications includes, for example, mIRC client and some versions of MSN Messenger (Windows .NET Messenger).

Anything more?

I (the main developer, Alexander "atauenis" Tauenis) have many ideas about what can be added to the Proxy, but if you have own suggestions, you may leave them in GitHub Issues.

Also if you know HTML/CSS/JS/HTTP/XML and/or C# language, the project wants your skill. We are welcome forks and pull requests with new features and bug fixes.