-1

I am making a proxy application for a browser. It has to use only the standard libraries. So far, I've managed to create the server. When trying to access a web page from a client, i get the following information:

CONNECT gmail.com:443 HTTP/1.1 User-Agent: Mozilla/5.0 Firefox/49.0 Proxy-Connection: keep-alive Connection: keep-alive Host: gmail.com:443

My question is: what to use in order to handle the requests? How to handle a file download?

Liquid Penguin
  • 321
  • 1
  • 16

2 Answers2

1

Once you get that CONNECT command, do what is asked: create the upstream connection, and return the appropriate success/failure response. If the upstream connection was successful, all you have to do now is copy bytes in both directions, simultaneously. The endpoints will take care of all SSL issues, uploads, downloads, etc. You have no further role to play.

user207421
  • 305,947
  • 44
  • 307
  • 483
-1

The general behaviour of a proxy is as follows:

  1. Receive request from browser
  2. Make a request to the actual server, resolving all redirects if necessary
  3. Get the response from server and passit on to client

I am not getting into complications of changing request/response headers, caching etc.

Now from the above, you are making a SSL connection to gmail.com refer.

The browser is actually sending correct request, in this case you need to implement the handshake and connect to gmail with HTTPS offloading SSL on your side and sending the response received to the browser through the negotiated SSL with the browser.

Suggestion is to use HTTP instead of HTTPS, if this is not a production grader system and try out the concept first

Community
  • 1
  • 1
Ironluca
  • 3,402
  • 4
  • 25
  • 32
  • That's not correct, and it's not what it says in your [link](http://stackoverflow.com/questions/11697943/when-should-one-use-connect-and-get-http-methods-at-http-proxy-server). – user207421 Sep 27 '16 at 10:35
  • The link is a reference and some details about CONNECT request – Ironluca Sep 27 '16 at 10:36
  • Your link correctly says 'with SSL(HTTPS), only the two remote end-points understand the requests, and the proxy cannot decipher them. Hence, all it does is open that tunnel using CONNECT, and lets the two end-points (webserver and client) talk to each other directly', which contradicts your answer: specifically the part about 'offloading SSL on your side'. – user207421 Sep 27 '16 at 10:37