enable
Enable HTTPS, hide requests, terminate requests, and other features through rules.
Rule Syntax
txt
pattern enable://action1|action2|... [filters...]
# Equivalent to:
pattern enable://action1 enable://action2 ... [filters...]
Parameters | Description | Detailed Documentation |
---|---|---|
pattern | Expression to match request URLs | Match Pattern Documentation |
action | Specific action, see the description below | |
filters | Optional filters, supporting matching: • Request URL/Method/Headers/Content • Response Status Code/Headers | Filter Documentation |
abort
: Interrupt the request during the request or response phase (based on the matching phase)abortReq
: Interrupt the request during the request phaseabortRes
: Interrupt the request during the response phaseauthCapture
: Force execution of the auth hook before converting to HTTPS (default behavior is to execute the plugin's auth hook after converting to an HTTPS request)auto2http
: Enable automatic fallback to HTTP requests when HTTPS requests encounter TLS errors. By default, this is automatically enabled if the serverIP is a local IPbigData
: Increase the data display limit for captured packets (2M → 16M)br
: Enable BR compression for response contentgzip
: Enable GZIP compression for response contentdeflate
: Enable Deflate compression for response contentcapture
orhttps
: Enable HTTPS (same as the HTTPS menu function)captureIp
: For requests where the domain is an IP, HTTPS requests are not decrypted by default. Useenable://captureIp
to enable HTTPS request parsingcaptureStream
: Output captured request and response content in stream form to the capture interface in real time, with dynamic appendingclientCert
: Enable mutual authentication (mTLS) between the client and serverclientId
: Add the request headerx-whistle-client-id: Whistle locally generated unique ID
clientIp
: Set thex-forwarded-for
request header for matched non-local requests to forward the client's real IP address to upstream servicescustomParser
: Customize the display content of the capture interface. For usage, refer to the plugin: https://github.com/whistle-plugins/whistle.custom-parserflushHeaders
: Call response.flushHeaders afterresponse.writeHead(...)
(enabled by default)forHttp
: Make thecapture
function only effective for HTTP requestsforHttps
: Make thecapture
function only effective for HTTPS requestsforceReqWrite
: When using reqWrite or reqWriteRaw to write request data to a local file, if the corresponding file already exists, the write operation is skipped by default to protect the existing file. Useenable://forceReqWrite
to force overwritingforceResWrite
: When using resWrite or reqWriteRaw to write response data to a local file, if the corresponding file already exists, the write operation is skipped by default to protect the existing file. Useenable://forceResWrite
to force overwritingh2
: Enable HTTP2 from Whistle proxy → serverhttp2
: Enable HTTP2 for browser → Whistle proxy → serverhttpH2
: Enable HTTP2 for HTTP requests from Whistle proxy → serverhide
: Hide captured packet data on the interface (excludingcaptureError
and requests sent by Composer)hideComposer
: Hide requests sent by ComposerhideCaptureError
: HidecaptureError
requestsshowHost
: Set the server IP to the response headerx-host-ip
ignoreSend
: Ignore sending data frames for WebSocket and TUNNEL requests (TUNNEL requests requireinspect
to be enabled)ignoreReceive
: Ignore receiving data frames for WebSocket and TUNNEL requests (TUNNEL requests requireinspect
to be enabled)pauseSend
: Pause sending data frames for WebSocket and TUNNEL requests (TUNNEL requests requireinspect
to be enabled)pauseReceive
: Pause receiving data frames for WebSocket and TUNNEL requests (TUNNEL requests requireinspect
to be enabled)inspect
: Enable viewing of TUNNEL request content in Inspectors / FramesinterceptConsole
: Interceptconsole.xxx
requests and display them in the Log panel of the Whistle management interface (enabled by default)internalProxy
: Use proxy protocols likeproxy
orsocks
to forward requests to other proxy servers (e.g., another Whistle instance). After enabling this, HTTPS requests decrypted by the first-layer proxy will be transmitted in plain text within the proxy chain, allowing upstream proxies to directly access plain text dataproxyFirst
: Prioritize using proxy rules (by default, when bothhost
andproxy
match, onlyhost
takes effect)proxyHost
: Make both proxy and host take effect simultaneouslyproxyTunnel
: Use withproxyHost
to allow the upstream proxy to tunnel through to an upper-layer HTTP proxy. See the example below for detailskeepCSP
: Automatically remove thecsp
field from response headers when injecting content viahtmlXxx
/jsXxx
/cssXxx
. Useenable://keepCSP
to retain these fieldskeepAllCSP
: Automatically remove thecsp
field from response headers when injecting content viahtmlXxx
/jsXxx
/cssXxx
/weinre
/log
. Useenable://keepAllCSP
to retain these fieldskeepCache
: Automatically remove cache fields from response headers when injecting content viahtmlXxx
/jsXxx
/cssXxx
. Useenable://keepCache
to retain the original cache headerskeepAllCache
: Automatically remove cache fields from response headers when injecting content viahtmlXxx
/jsXxx
/cssXxx
/weinre
/log
. Useenable://keepAllCache
to retain the original cache headerskeepClientId
: Retain the originalx-whistle-client-id
request header (by default, the incomingx-whistle-client-id
is deleted)safeHtml
: A security mechanism that checks if the first non-whitespace character of the response content is{
or[
(indicating a JSON object) before injecting content viahtmlXxx
/jsXxx
/cssXxx
into an HTML page. If not, the injection proceeds. This prevents accidental injection into non-HTML responses (e.g., JSON interfaces)strictHtml
: A security mechanism that checks if the first non-whitespace character of the response content is<
before injecting content viahtmlXxx
/jsXxx
/cssXxx
into an HTML page. If not, the injection proceeds. This prevents accidental injection into non-HTML responses (e.g., JSON interfaces)multiClient
: When Whistle acts as a public proxy withenable://clientId
enabled, a fixedx-whistle-client-id
header is added to all requests, preventing upstream services from distinguishing between clients. Enablingenable://multiClient
generates and maintains a unique and consistent identifier for each client connection, ensuring upstream services can accurately identify request sourcesrequestWithMatchedRules
: Include the currently matched rules in the request headersresponseWithMatchedRules
: Include the currently matched rules in the response headerstunnelHeadersFirst
: Controls the priority of request header merging. Plugins can pass tunnel (TUNNEL) request headers to subsequent stages via tunnelKey. The default merging rule is: if a tunnel header and a parsed regular request header have the same key, the regular request header value is retained. Enablingenable://tunnelHeadersFirst
changes this behavior, ensuring tunnel request headers take priority and override any conflicting regular headersuseLocalHost
: Modify the domain oflog
andweinre
request URLs to use built-in domainsuseSafePort
: Modify the port oflog
andweinre
request URLs to use built-in portsuserLogin
: Set whether statusCode://401 displays a login box (enabled by default)weakRule
: By default, when protocols like file are configured, proxy rules automatically become invalid. Setting theweakRule
property increases the priority of proxy rules, allowing them to remain effective in such scenariossocket
: After enabling HTTPS parsing (Enable HTTPS
orenable://https
), TUNNEL requests sent to ports80/443
are forcibly attempted to be parsed as HTTP/HTTPS traffic. By default, if parsing fails, the connection is destroyed; requests to other ports continue as TUNNEL connections if parsing fails. Settingenable://socket
allows requests to ports80/443
to degrade to TUNNEL connections if parsing fails, avoiding connection destructionwebsocket
: Used to handle non-standard WebSocket connections. Some requests use the WebSocket protocol for transmission but have non-standard Upgrade headers (e.g.,Upgrade: websocket
). By default, Whistle treats them as ordinary TCP connections without parsing the data. Enablingenable://websocket
forces Whistle to recognize such connections as WebSocket protocols and parse the data
Configuration Example
txt
# Enable HTTPS
www.example.com enale://https
# Abort the request with a 3000ms delay
www.example.com/path reqDelay://3000 enable://abortReq
# Abort the response with a 5000ms delay
www.example.com/path resDelay://5000 enable://abortRes
# Enable GZIP for local replacement content
www.example.com/path file:///User/xxx/test enable://gzip
# Set hosts for the upstream proxy (10.10.10.20:8888)
www.example.com/path proxy://10.1.1.1:8080 10.10.10.20:8888 enable://proxyHost
# Tunnel requests through the upstream HTTP proxy (10.1.1.1:8080) to the specified HTTP proxy (10.10.10.20:8080)
www.example.com proxy://10.1.1.1:8080 10.10.10.20:8080 enable://proxyHost|proxyTunnel
# Enable HTTP2 for the entire connection from browser to Whistle proxy to server Functionality
www.example.com enable://http2
# Enable HTTP2 functionality for Whistle proxy -> server
www.example.com enable://h2
# Force HTTP requests from Whistle proxy -> server to use HTTP2 transport
www.example.com enable://httpH2
# Safe injection mode: When using the htmlXxx/jsXxx/cssXxx injection directives, inject only if the first character of the response is not `{`
www.example.com/path enable://safeHtml
# Strict HTML injection mode: When using the htmlXxx/jsXxx/cssXxx injection directives, inject only if the first character of the response is not `<`
www.example.com/path enable://strictHtml
# Automatically add the x-forwarded-for request header to convey the client's real IP address
www.example.com enable://clientIp
# Expand the packet capture data display limit (2MB → 16MB)
www.example.com/path enable://bigData
# Modify the domain name or port of the log/weinre request URL.
www.example.com/path enable://useLocalHost | useSafePort
# Force reqWrite/reqWriteRaw/resWrite/resWriteRaw to overwrite existing files.
www.example.com/path enable://forceReqWrite | forceResWrite
# Force HTTPS requests to execute the auth hook before parsing (the default is to execute the plugin's auth hook after converting them to HTTPS).
www.example.com enable://authCapture
Associated Action: [disable](./disable)