Its probably possible if the proxy server is outside of the firewalls control.
heres some sample code below. i know. it sucks. but its 3:30 am here. i created a simple two horizontal frames page. top frame takes the remote url and passes the location to the bottom page as the var $url.
top_frame.php
##################################
<HEAD>
<TITLE>Proxy Bypass</TITLE>
<SCRIPT>
function change_page(url)
{
top.bottom.location = "http://test.schnell.to/test/bottom_frame.php?url=" + url;
}
</SCRIPT>
<NOSCRIPT><BR>This page uses Javascript, please enable Javascript or upgrade to Netscape 2.0 or above.<BR></NOSCRIPT>
</HEAD>
<BODY>
<FORM NAME="url_loc">
<INPUT TYPE="button" VALUE="Go" onClick="change_page(document.url_loc.url.value)">
<INPUT TYPE="text" NAME="url" SIZE=50 MAXLENGTH=50 VALUE="http://www.yahoo.com">
</FORM>
</BODY>
##################################
bottom_frame.php:
##################################
<?
if(!isset($url))
{
echo "
<HEAD>
<TITLE>Please Wait</TITLE>
</HEAD>
<BODY>
Type in a site then click on the Go button.
</BODY>
";
}
else
{
$fp = fopen($url,"r");
$data = fread($fp, 1048576);
$data = ereg_replace("=\"","=\"http://test.schnell.to/test/bottom_frame.php?url=",$data);
echo $data;
}
?>
##################################
it kinda of works. only on pages that use absolute urls and it doesn't handle images very well.
possible improvements:
1)don't touch binary data, only add the php gateway address on .asp, .php, , .cfm, .html, .htm etc files
2)hande absolute & relative urls
3)use javascript client side to do simple encryption on the remote urls and have php decode the urls then load em. this might avoid filters that search the url in the GET or POST for specific keywords.
