6

Since I am a beginner in the world of internet/networking, I always mess up with these kinds of doubts in my head while programming ;) .. My doubts are,

  1. While working behind a proxy, how do my requests and responses work? Does it mean that my request headers and data will first reach to Proxy server-> then proxy server sends it(same headers and data) to corresponding server. And server responses to it with a response header and body to the proxy server->then proxy server sends it to my computer. Right?

  2. While using websockets we are upgrading our HTTP connection to TCP. At this time what is happening at the Proxy server? Does the proxyserver also upgrades its connection to plain TCP?

  3. After opening such TCP connections, does the proxy server able to track/log those socket messsages?

  4. And most importantly, Is the proxy server transparent or acting like an original server infront of a client?

Thanks for any answers or helpful links in advance.

user207421
  • 305,947
  • 44
  • 307
  • 483
Vivek Mohan
  • 8,078
  • 8
  • 31
  • 49

2 Answers2

2

  1. Right.

  2. There is no such thing as 'upgrading HTTP to TCP'. An HTTP connection already is a TCP connection. The question is therefore meaningless.

  3. It is able to trace the connection, and it can see all the data being exchanged in both directions.

  4. I'm not sure what this means. After processing the CONNECT command, a proxy just copies bytes in both directions. Possibly this is 'transparent' in the terms of your question.

user207421
  • 305,947
  • 44
  • 307
  • 483
0

  1. Yeah that's about right.

  2. If you are talking about html5 websockets, than there needs to be couple of things mentioned. Firstly to use websockets you need a server that handles such connections, and I don't know any server that would support it out of box. There are apache modules that implement the functionality, there are also perl and python stand alone applications that do that. Bottom line is though that unless your server can handle websockets, nothing is going to happen. And same applies for websockets proxy, it would work on similar principle, I haven't read the websockets protocol specification, but the server would read the destination address of the packets and relay them to the server and then relay what server returns back. I actually haven't heard of a websockets proxy server nor I have idea how would I go around to write it, and I don't believe there is such thing yet; remember that the protocol is still not fully standardized.

  3. I would have thought so, after all the packets are transferred through the proxy, unless you encrypt it via SSL.

Apologies I couldn't give you more information but I have only started to mess with websockets fairly recently, and it still not quite widespread technology.

Also I would point you to following resources, they seem to provide some answers to your questions:

http://www.infoq.com/articles/Web-Sockets-Proxy-Servers http://stackoverflow.com/questions/2201317/why-dont-current-websocket-client-implementations-support-proxies

http://en.wikipedia.org/wiki/WebSocket#Proxy_traversal

cyber-guard
  • 1,776
  • 14
  • 30
  • Thanks for ur response. Are you stating that proxy server is acting like original server infront of client? Or if there is a way for a client application to detect if it is talking to a proxy / real server? – Vivek Mohan Apr 16 '12 at 11:58
  • With regular HTTP proxy it very much depends, some send additional HTTP headers indicating that it is proxy server request (`X-Forwarded-For`). There also are other techniques to find whether a user is behind proxy (flash, ajax, combination of the two...), but if the proxy server is set up correctly it can be quite difficult to detect whether the connection is from proxy or not. As for websockets, I don't believe there is such specification, so there may be ways around it, but by default it is not possible to determine whether the packets are from the user or not... – cyber-guard Apr 16 '12 at 12:04
  • From the Kaazing's site [http://websocket.org/aboutwebsocket.html, I think that websockets never care(once it is implemented) about the proxy server by providing HTTP tunneling. But I still wonder if this happens only for ws or wss(secure)? – Vivek Mohan Apr 16 '12 at 12:30
  • Ok so apparently it depends on the behavior of the proxy server, because in case of transparent proxy the client will not use `HTTP CONNECT` to set up the persistent tunnel. Most of your questions are answered in the first article I supplied, I don't want to paraphrase because quite frankly right now I find it a little confusing myself... – cyber-guard Apr 16 '12 at 13:28