Proxygen

Mon, Dec 12, 2022

Privacy Policy

This policy applies to the Proxygen interactive HTTP proxy.

Proxying of network communications

The built-in HTTP proxy in the app does all processing on-device. After performing all relevant actions, messages are sent to the original target server, unless you have configured a redirection.

While the Proxygen iOS app makes use of a VPN configuration, no actual VPN tunnel is created. Device traffic is not directed to a tunnel of any kind. The VPN configuration is only used to apply a HTTP proxy to all networking on the device.

Information we collect

Proxygen does not use third party frameworks to collect crash data or analytics. Generic usage data is collected using Apple’s built-in App Analytics that you can opt out of at any time.

The app does not communicate any content of your proxied network communications to third parties.

HTTP messages recorded by the proxy are handled on-device and their data is stored in local documents. These files may get synced to iCloud, if your device is configured to use iCloud file synchronisation.

Security

Proxygen can be configured as a TLS Manipulator in the Middle (MITM) proxy, which means it will decrypt and see clear text contents of HTTPS connections. Sensitive data such as login usernames and passwords, session tokens and keys, may be sent over these proxied connections between your device and the remote server.

The app is designed to store HTTP messages in project files. These documents will contain, in unencrypted form, the sensitive data recorded by the proxy. Make sure that you handle any documents with appropriate care and never share them unless you understand the consequences.