This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
[TLSInterception] Ability to enable TLS interception on demand #391
Labels
Good First Issue
Issues for new contributors to pick-up
Is your feature request related to a problem? Please describe.
Currently, when
--ca-*
flags are provided, TLS interception is enabled for all requests. However, in certain scenarios there can be a need to only enable TLS interception conditionally. E.g. conditionally intercept for content / ad-blocking. See #378 for background.Describe the solution you'd like
How to expose this feature to plugins is yet to be decided. Some implementation notes:
True
for all requests if--ca-*
flag is provided.True
andFalse
conditionally.Core will then only perform TLS interception if all the plugins in the chain return
True
. This is likely to have small performance impact as core will need to iterate over all plugins for every requests. This can be resolved by keeping such plugins higher in the plugin chain, so that core can bail out as soon as possible.Additional context
See #378 for background.
The text was updated successfully, but these errors were encountered: