https://github.com/elazarl/goproxy is pretty nice Go library for writing proxies, I used it once. Supports both HTTPS passthrough and MITM. Here's a trivial example MITMing connections to www.google.com and rejecting requests to https://www.google.com/maps while allowing everything else through:

  package main
  
  import (
      "log"
      "net/http"
      "strings"
  
      "github.com/elazarl/goproxy"
  )
  
  func main() {
      proxy := goproxy.NewProxyHttpServer()
      proxy.Verbose = true
      proxy.OnRequest(goproxy.DstHostIs("www.google.com")).HandleConnect(goproxy.AlwaysMitm)
      proxy.OnRequest(goproxy.DstHostIs("www.google.com")).DoFunc(func(r *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
          if strings.HasPrefix(r.URL.Path, "/maps") {
              return r, goproxy.NewResponse(r, "text/plain", 403, "Forbidden")
          }
          return r, nil
      })
      log.Fatal(http.ListenAndServe(":8080", proxy))
  }

Try:

  curl -k -x localhost:8080 https://www.google.com/
  curl -k -x localhost:8080 https://www.google.com/maps
  curl -x localhost:8080 https://www.apple.com/

-k is to ignore cert error; note how we don't need it for apple.com due to passthrough.

Remember to use your own cert rather than the hardcoded one in "production" (a trusted network like your home of course, probably a bad idea to expose it on the open Internet).