Data provided to your scripts for requests
GreasySpoon service provides following information to scripts applying on users requests:
  • requestheader : string containing HTTP request header, as generated by user's browser
  • httprequest : string containing HTTP request body, or null if none. Note that HTTP request body is only provided for POST requests.
  • user_id  :  string containing either user id (login) or user ip address. User ID will be available if authentication is activated on HTTP proxy.
  • user_group   :  string containing user group if available, or null if not. User group might be available if authentication is activated on HTTP proxy.
  • sharedcache :  a java hash table<String, Object> that is shared between all scripts
Information is provided as static variables so can be accessed/modified in any part of the script.
All information is provided as string to avoid casting on Script Engine side, except the shared cache which is transmitted as a Java hashtable. To use this hash table, standard Java methods must be used:
  • get(<string>key) to retrieve content associated to given key
  • put(<string>key, <object>value) to store a content in the table using given key

Any modification made on HTTP request header and/or body will be handled by GreasySpoon service and will be reflected to the user's request. It is also possible to directly return a response to the user by changing HTTP request line (GET/POST/... something) by an HTTP response code (HTTP/1.0 200 OK for example).

Two examples are provided hereafter showing the possibilities of requests scripts:
 » A request anonymizer script can that illustrates how to modify requests headers
 » A basic access control script that blocks access to some URLs


Example of a request modification - Basic anonymizer
//This is a very basic anonymizer script:
// - change user agent
// - remove browser referer
// - To test with
//@name SimpleEcmascript
//@status on
//@description Request anonymizer: remove user agent and refer from requests
//@include http://www\.ericgiguere\.com/tools/http-header-viewer\.html
//Elements provided by GreasySpoon and used in the script
// requestheader : (String) HTTP request header

// Locate User-agent header value
start = requestheader.indexOf("User-Agent: " ) + "User-Agent: ".length;
end = requestheader.indexOf("\r\n", start);
//Replace user agent value by a new one
requestheader = requestheader.substring(0,start)
  + "GreasySpoon/1.0 (GreasySpoon; fr; rv: Gecko/20070914"
  + requestheader.substring(end);
// Search if request includes a Referer - If yes, simply remove it
start = requestheader.indexOf("Referer");
if (i>0){
  end = requestheader.indexOf("\r\n", start) +2;
  requestheader = requestheader.substring(0,start) + requestheader.substring(end);
//Nothing more to do: GS will take the result and forward resulting request to server
Provide custom response to specific requests - Example with a basic Filter

//This is a basic access control script:
// - filter requests using @include tags
// - returns a denied message
//@name directresponse
//@status on
//@description Intercept requests on some sites and return a 403 forbidden response
//@include .*game.*
//@include http://.*\.facebook\..{2,3}/.*
//@include http://.*\.myspace\..{2,3}/.*
//@include http://.*rapidshare\.com.*
// Used variables provided by GS:
//requestheader : (String)HTTP request header
//httprequest : (String)HTTP request body
// URL matched an include tag: Generates directly a HTTP response header

= "HTTP/1.1 403 Forbidden\r\nContent-Type: text/html;charset=ISO-8859-1\r\n\r\n";

//Generated a simple HTML body with a message to user
= "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"><html><head><title>Filtered by GreasySpoon</title></head>"
+ "<body><h1>!! Access Denied !!</h1>"
+ "You should go back to Work ..." + "</body>" + "</html>";

//That's all: GS will detect request must be transformed to a response, build up the HTTP message and send it back to user