1

My HTTPS Proxy should work like this:

  • it should establish a Connection with Connect
  • it should pass the traffic but should not be able to modify it.
  • So it should not be able to read it.

I have read now some stuff over the CONNECT. But I do not really understand it and how to implement it.

My Question is now what exactly does CONNECT do?CONNECT is an HTTP Request. But all it does it establish a connection. but how does this help me?

I can not see how to use it to achieve my goal.

greetings

Christoph

Sabir Khan
  • 9,826
  • 7
  • 45
  • 98
Christoph Bonzai
  • 43
  • 1
  • 6
  • Too broad. There are lots of existing questions here about HTTP and HTTPS proxies, but if you don't already have a good knowledge of RFC 2616 this is not the place to start. – user207421 May 23 '16 at 10:42
  • Well my HTTP Proxy works still thanks to you :-) 9.9 CONNECT This specification reserves the method name CONNECT for use with a proxy that can dynamically switch to being a tunnel (e.g. SSL tunneling [44]). Thats what I found on google RFC2616. It does not realy help me. – Christoph Bonzai May 23 '16 at 10:48
  • Have you considered reading the rest of it? – user207421 May 23 '16 at 10:57

1 Answers1

1

Your first question: What exactly does CONNECT do?

As you said, CONNECT is an Http Request method for Client to Proxy server to establish a connection to the server in a SSL-encrypted communication. Once the connection is established from Client to Server via your Proxy Server, client will upgrade it to TLS connection by initiating TLS handshake. Then there is a direct give-and-take of messages between client and server. This forms one of the way of Tunneling from client to server connection.

This probably also answers your other question: How does it help you?

As you said you are using a proxy server. Hence your client will communicate to your proxy server through CONNECT request. Upon receiving this request your proxy server will proceed as explained above.

Client------[CONNECT Request]-----Proxy Server--------------Server

I don't think it will read or modify any of your data as it is solely meant to establish connection to server and pass the traffic. Sending of actual request data and fetching of response is done by HTTP GET method.

For any more queries you may like to have a walk through following links:

(a)CONNECT request to a forward HTTP proxy over an SSL connection?

(b)When should one use CONNECT and GET HTTP methods at HTTP Proxy Server?

Community
  • 1
  • 1
Dhaval Simaria
  • 1,886
  • 3
  • 28
  • 36
  • This sounds to me like. I have to parse the message. Get the Request Type. If i recieve a CONNECT. I have to create a Socket(adress,port). If this work I will send the client a HTTP1.1/200 so he knows taht he can start now with the communication. And all I do is sending the request to the server and the response to the client over my sockets. – Christoph Bonzai May 23 '16 at 10:57
  • I don't get what you meant by saying 'Parse the message'. Since you are working on a proxy server over a Secured Socket Layer connection(you have mentioned HTTPS in the question), CONNECT request method is one of the ways to establish connection to the server. But I think you have got the second half correctly i.e. from sending 200 OK message to client onwards. I hope you have gone through the links provided. – Dhaval Simaria May 23 '16 at 11:25