From 9fbad95a7977a3528f560744cad79f8e1146205c Mon Sep 17 00:00:00 2001
From: Petitoto <apfaucon@gmail.com>
Date: Fri, 11 Sep 2020 20:44:12 +0200
Subject: [PATCH] Updated 'replacements' settings (better use of wildcards)

---
 modules/http_proxy/http_proxy.go              |  4 +--
 .../http_proxy/http_proxy_base_sslstriper.go  | 25 +++++++++++--------
 modules/https_proxy/https_proxy.go            |  6 ++---
 3 files changed, 19 insertions(+), 16 deletions(-)

diff --git a/modules/http_proxy/http_proxy.go b/modules/http_proxy/http_proxy.go
index 003a4b77..e8eeaef3 100644
--- a/modules/http_proxy/http_proxy.go
+++ b/modules/http_proxy/http_proxy.go
@@ -55,8 +55,8 @@ func NewHttpProxy(s *session.Session) *HttpProxy {
 		"Enable or disable SSL stripping."))
 
 	mod.AddParam(session.NewStringParameter("http.proxy.sslstrip.replacements",
-		"com:corn net:nel org:orq", "(.*:.*\\s*$)+",
-		"Space separated list of '<original_chars>:<stripped_chars>', and ordered by priority. Use '*' for any domain. Internationalized Domain Names are allowed. If the domain to strip isn't found in this parameter, the last char of the top-level domain will be duplicated."))
+		"*.com:*.corn *.net:*.nel *.org:*.orq", "(.*:.*\\s*$)+",
+		"Space separated list of '<original_domain>:<stripped_domain>', and ordered by priority. Use '*' for any characters. Internationalized Domain Names are allowed. If the domain to strip isn't found in this parameter, the last char of the top-level domain will be duplicated."))
 
 	mod.AddHandler(session.NewModuleHandler("http.proxy on", "",
 		"Start HTTP proxy.",
diff --git a/modules/http_proxy/http_proxy_base_sslstriper.go b/modules/http_proxy/http_proxy_base_sslstriper.go
index c355b15f..8b97b103 100644
--- a/modules/http_proxy/http_proxy_base_sslstriper.go
+++ b/modules/http_proxy/http_proxy_base_sslstriper.go
@@ -142,23 +142,26 @@ func (s *SSLStripper) processURL(url string) string {
 			iPort = iEndHost
 	}
 	// search for domain's part to replace according to the settings
-	replacement := []string{}
+	replaceto := ""
 	for _, r := range strings.Fields(s.replacements) {
 		rep := strings.Split(r, ":")
-		if rep[0] == "*" {
-			rep[0] = url[:iPort]
-		}
-		if strings.Contains(url[:iPort], rep[0]) {
-			replacement = rep
+		replacer := regexp.MustCompile("(?i)^" + strings.ReplaceAll(regexp.QuoteMeta(rep[0]), "\\*", "(.+)") + "$") //allow using * to designate any existing character + case insensitive
+		if replacer.MatchString(url[:iPort]) {
+			replacement := ""
+			sreplacement := strings.Split(rep[1], "*")
+			for i := range sreplacement {
+				replacement += sreplacement[i]
+				if i+1 < len(sreplacement) {
+					replacement += "${" + strconv.Itoa(i+1) + "}"
+				}
+			}
+			replaceto = replacer.ReplaceAllString(url[:iPort], replacement)
 			break
 		}
 	}
-	if len(replacement) != 0{
+	if len(replaceto) != 0 {
 		// replace domain according to the settings & strip HTTPS port (if any)
-		url = url[:iPort] + url[iEndHost:]
-		iReplacement := strings.LastIndex(url, replacement[0])
-		replaceto := strings.ReplaceAll(replacement[1], "*", replacement[0])
-		url = url[:iReplacement] + replaceto + url[iReplacement+len(replacement[0]):]
+		url = replaceto + url[iEndHost:]
 	} else {
 		// double the last TLD's character & strip HTTPS port (if any)
 		url = url[:iPort] + string(url[iPort-1]) + url[iEndHost:]
diff --git a/modules/https_proxy/https_proxy.go b/modules/https_proxy/https_proxy.go
index 596bbd4f..569f9f61 100644
--- a/modules/https_proxy/https_proxy.go
+++ b/modules/https_proxy/https_proxy.go
@@ -41,9 +41,9 @@ func NewHttpsProxy(s *session.Session) *HttpsProxy {
 		"false",
 		"Enable or disable SSL stripping."))
 
-	mod.AddParam(session.NewStringParameter("http.proxy.sslstrip.replacements",
-		"com:corn net:nel org:orq", "(.*:.*\\s*$)+",
-		"Space separated list of '<original_chars>:<stripped_chars>', and ordered by priority. Use '*' for any domain. You can use Internationalized Domain Names. If the domain to strip isn't found in this parameter, the last char of the top-level domain will be duplicated."))
+	mod.AddParam(session.NewStringParameter("https.proxy.sslstrip.replacements",
+		"*.com:*.corn *.net:*.nel *.org:*.orq", "(.*:.*\\s*$)+",
+		"Space separated list of '<original_domain>:<stripped_domain>', and ordered by priority. Use '*' for any characters. You can use Internationalized Domain Names. If the domain to strip isn't found in this parameter, the last char of the top-level domain will be duplicated."))
 
 	mod.AddParam(session.NewStringParameter("https.proxy.injectjs",
 		"",