I've been experimenting with ettercap, sslstrip, and privoxy as an intercepting proxy to alter code in a page before it's sent to the browser. Using privoxy filters I'm able to work around some of sslstrip's limitations but I've noticed some sites don't allow me to alter the <head> tags that are sent. I believe this is called server side checking as mentioned in the following posts.
Gmail login failure with sslstrip - Remote Exploit Forums
Is EnableHeaderChecking=true enough to prevent Http Header Injection attacks? - Stack Overflow
Are there methods to get around these types of checks that I can research?