使用第三方库github.com/elazarl/goproxy

一.快速启动 可以访问http和https(不能对https的内容进行拦截)

package main

import (
    "log"
    "net/http"
    "github.com/elazarl/goproxy"
)
func main() {
	gproxy := goproxy.NewProxyHttpServer()
    // 开启调试模式
    gproxy.Verbose = true
	log.Fatal(http.ListenAndServe(":8080", gproxy))
}

二.配置对https的拦截

package main

import (
	"bytes"
	"fmt"
	"github.com/elazarl/goproxy"
	"io"
	"log"
	"net/http"
)

var (
	addr = "0.0.0.0:8080"
)

func responseCondition(resp *http.Response, ctx *goproxy.ProxyCtx) bool {
	return resp != nil && resp.Body != nil
}

func echoResp(resp *http.Response, ctx *goproxy.ProxyCtx) *http.Response {
	scheme := resp.Request.URL.Scheme
	ctx.Proxy.Logger.Printf("Intercepted a %s request: %s", scheme, resp.Request.URL.String())
	if scheme == "https" {
		respBody, _ := io.ReadAll(resp.Body)
		fmt.Print(string(respBody))
		resp.Body.Close()
		//恢复响应体供后续流程使用
		resp.Body = io.NopCloser(bytes.NewBuffer(respBody))
	}
	return resp
}

// 下载证书
func certHandler(w http.ResponseWriter, _ *http.Request) {
	w.Header().Set("Content-Type", "application/octet-stream")
	w.Header().Set("Content-Disposition", "attachment;filename=GoProxyCA.crt")
	w.WriteHeader(http.StatusOK)
	w.Write(goproxy.CA_CERT)
}

// 直接使用http访问时
// 如果不是访问下载证书的请求 则直接返回错误
func nonProxyHandler(w http.ResponseWriter, r *http.Request) {
	log.Println(r.Method, r.URL.Path)
	if r.Method == http.MethodGet && r.URL.Path == "/ssl" {
		certHandler(w, r)
	} else {
		http.Error(w, "This server only responds to proxy requests.", http.StatusInternalServerError)
	}
}

// 实例化并启动一个代理服务器
func main() {
	proxy := goproxy.NewProxyHttpServer()
	proxy.NonproxyHandler = http.HandlerFunc(nonProxyHandler)
	// 调试模式
	proxy.Verbose = true
	proxy.OnResponse(goproxy.RespConditionFunc(responseCondition)).DoFunc(echoResp)
	// 启用 HTTPS 的 MITM 拦截
	proxy.OnRequest().HandleConnect(goproxy.AlwaysMitm)
	log.Fatal(http.ListenAndServe(addr, proxy))
}

运行脚本后先使用浏览器访问http://yourAddr/ssl(如: http://localhost:8080/ssl)下载并安装证书

完整代码请访问：github.com/sgs921107/gproxy