Skip to content

Instantly share code, notes, and snippets.

@marcobellaccini

marcobellaccini/rawgitRedirect.rst

Last active October 14, 2022 03:21
Show Gist options
  • Save marcobellaccini/29fcb4e3b34923d3be6ad2599f655181 to your computer and use it in GitHub Desktop.
Save marcobellaccini/29fcb4e3b34923d3be6ad2599f655181 to your computer and use it in GitHub Desktop.
Download ZIP
raw.githubusercontent.com -> cdn.rawgit.com
Raw
rawgitRedirect.rst

raw.githubusercontent.com -> cdn.rawgit.com

This is a quick and dirty trick to get all HTTPS local connections to raw.githubusercontent.com being redirected to RawGit CDN (https://cdn.rawgit.com).

By using this hack, you can fool your applications into connecting to RawGit every time they try to connect to raw.githubusercontent.com.

Of course, this implies that you trust RawGit to the same degree as GitHub to serve the contents.

The trick relies on a local Python script issuing HTTP redirects.

These instructions are for GNU/Linux (but the same idea may be easily ported to other platforms).

  1. Add the following line to /etc/hosts (of course, you must be root - or use sudo):

    127.0.0.1       raw.githubusercontent.com

  2. Generate a self-signed certificate for raw.githubusercontent.com:

    openssl req -x509 -newkey rsa:2048 -keyout ghrkey.pem -out ghrcert.crt -days 900 -subj '/CN=raw.githubusercontent.com/O=MyCompany/C=US' -nodes

  3. Mark the self-signed certificate as a trusted CA certificate:

    sudo cp ghrcert.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates

    NOTE: this is fine for Debian 9, other GNU/Linux distributions may have different ways to do this.

    Moreover, please keep in mind that some applications (e.g. Firefox) use their own trusted certificates store. For that applications, you should import the certificate in the appropriate way.

  4. Create the file "redirect.py", with the following content:

    import SimpleHTTPServer
import SocketServer
import ssl

class FakeRedirect(SimpleHTTPServer.SimpleHTTPRequestHandler):
   def do_GET(self):
       print self.path
       self.send_response(301)
       new_path = '%s%s'%('https://cdn.rawgit.com', self.path)
       self.send_header('Location', new_path)
       self.end_headers()

htsrv = SocketServer.TCPServer(("", 443), FakeRedirect)

htsrv.socket = ssl.wrap_socket (htsrv.socket, certfile='./ghrcert.crt', keyfile='./ghrkey.pem', server_side=True)
htsrv.serve_forever()

  5. Run the script (it needs root privileges to bind to https port - 443/tcp):

    sudo python redirect.py
  6. Thumbs-up for the author! (Marco Bellaccini - marco.bellaccini(at!)gmail.com)

This gist is released under the Creative Commons Attribution 4.0 International license.

@Valkierja
Copy link

work well for me. ty!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment