Skip to content

Instantly share code, notes, and snippets.

@aSapien

aSapien/axios_proxy_bypass.md

Last active October 31, 2020 14:54
Show Gist options
  • Save aSapien/c9d652508105f3676b1f6ea4b6a305be to your computer and use it in GitHub Desktop.
Save aSapien/c9d652508105f3676b1f6ea4b6a305be to your computer and use it in GitHub Desktop.
Download ZIP
[axios proxy bypass] #ssrf
Raw
axios_proxy_bypass.md

Axios proxy bypass

  1. The proxy settings are defined in the top level config.
  2. Upon the initial reqest, an httpAdapter is resolved, and within it, the transport type which can be [http(s) (native), follow-redirect.http, follow-redirect.http].
  • When redirects are disabled, the native http transport is chosen
  • When redirects are enabled, then:
    • No proxy is set: follow-redirect.http
    • An http proxy is set: follow-redirect.http
    • An https proxy is set: follow-redirect.https
  1. follow-redirect has 613 npm packages depending on it. Some popular are axios, tinyreq and node-rest-client.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment