Why I created it? ¶
- I am tired that various HTTPS clients (like browsers and feed
aggregators) use TLS libraries with different feature set. NSS, GnuTLS,
OpenSSL... All of them sucks, comparing to Go’s
crypto/tls.
- I am tired that everyone provides very limited certificates trust
management capabilities, like either certificate or SPKI
pinning with
TOFU.
- I am tired that many clients provides very few information about
certificates and connections at all.
- I hate that hardly anyone can control (no automatic silent
transparent following) HTTP redirections. Although Firefox (I used many
ears ago) had proper extensions for that.
- I am sick of tiny control on URLs. The best you can is to use some
kind of Privoxy, but it is
not friendly with TLS connections, obviously. Or use yet another
browser-specific plugin.
- Hardly anyone does
DANE
checks.
- And there is insanity of fonts downloading.
Why the hell people just do not send PostScript documents instead!?
- And wonderful JPEG XL image format is
not supported by all browsers. Even pretty old
WebP, is not supported
everywhere, especially on old browsers.
- None of web browsers has ability to view web archives
(WARCs). And most of
WARC-related software is written on Python, that nowadays is close to be
impossible to install and use with all its broken dependencies system.
- And yet another piece of software is needed for browsing the
geminispace?
Too many bicycles already!
That is why I wrote tofuproxy – pure Go HTTP proxy, MitMing
all HTTPS connections on the fly. It is written for my personal needs
exclusively, so many features are just directly hard-coded, instead of
creating some kind of complex configuration framework.